5.13.13

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-20	CVE-2021-42739	Out-of-bounds Write vulnerability in multiple products The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. local low complexity linux fedoraproject debian starwindsoftware oracle CWE-787	6.7
2021-10-11	CVE-2021-42252	An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. local low complexity linux netapp	7.8
2021-10-02	CVE-2021-41864	Integer Overflow or Wraparound vulnerability in multiple products prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. local low complexity linux fedoraproject netapp debian CWE-190	7.8
2021-09-20	CVE-2021-38300	arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. local low complexity linux netapp debian	7.8
2021-09-19	CVE-2021-41073	Release of Invalid Pointer or Reference vulnerability in multiple products loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation. local low complexity linux debian fedoraproject netapp CWE-763	7.8
2021-09-03	CVE-2021-40490	Race Condition vulnerability in multiple products A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. local high complexity linux fedoraproject debian netapp CWE-362	7.0
2021-08-05	CVE-2021-3655	Improper Input Validation vulnerability in multiple products A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. local low complexity linux redhat debian CWE-20	3.3
2021-08-05	CVE-2021-3679	Infinite Loop vulnerability in multiple products A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. local low complexity linux redhat debian CWE-835	5.5
2021-06-08	CVE-2021-3564	A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. local low complexity linux fedoraproject debian	5.5
2021-05-26	CVE-2020-27815	A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. local low complexity linux debian netapp	7.8