Vulnerabilities > Linux > Linux Kernel > 5.12.19

DATE CVE VULNERABILITY TITLE RISK
2021-08-07 CVE-2021-38166 Integer Overflow or Wraparound vulnerability in multiple products
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket.
local
low complexity
linux fedoraproject debian CWE-190
7.8
2021-08-05 CVE-2021-3655 Improper Input Validation vulnerability in multiple products
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1.
local
low complexity
linux redhat debian CWE-20
3.3
2021-08-05 CVE-2021-3679 Infinite Loop vulnerability in multiple products
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way.
local
low complexity
linux redhat debian CWE-835
5.5
2021-08-02 CVE-2021-34556 Information Exposure Through Discrepancy vulnerability in multiple products
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.
local
low complexity
linux fedoraproject debian CWE-203
5.5
2021-08-02 CVE-2021-35477 Information Exposure Through Discrepancy vulnerability in multiple products
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.
local
low complexity
linux debian fedoraproject CWE-203
5.5
2021-07-26 CVE-2021-37576 Out-of-bounds Write vulnerability in multiple products
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
local
low complexity
linux fedoraproject CWE-787
7.8
2021-07-21 CVE-2021-37159 Use After Free vulnerability in multiple products
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
high complexity
linux debian oracle CWE-416
6.4
2021-06-08 CVE-2021-3564 Double Free vulnerability in multiple products
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device.
local
low complexity
linux fedoraproject debian CWE-415
5.5
2021-05-26 CVE-2020-27815 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges.
local
low complexity
linux debian netapp CWE-119
7.8
2021-05-26 CVE-2020-25668 Improper Synchronization vulnerability in multiple products
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
local
high complexity
linux debian netapp CWE-662
7.0