Vulnerabilities > Linux > Linux Kernel > 5.4.1

DATE CVE VULNERABILITY TITLE RISK
2021-06-14 CVE-2021-34693 Missing Initialization of Resource vulnerability in multiple products
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
local
low complexity
linux debian CWE-909
5.5
2021-06-08 CVE-2021-3564 Double Free vulnerability in multiple products
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device.
local
low complexity
linux fedoraproject debian CWE-415
5.5
2021-06-07 CVE-2020-36386 Out-of-bounds Read vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.8.1.
local
low complexity
linux CWE-125
5.6
2021-06-07 CVE-2020-36385 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.10.
local
low complexity
linux netapp starwindsoftware CWE-416
7.8
2021-05-28 CVE-2021-20239 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol.
local
low complexity
linux redhat fedoraproject CWE-119
3.3
2021-05-28 CVE-2021-20292 Use After Free vulnerability in multiple products
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem.
local
low complexity
linux fedoraproject redhat debian CWE-416
6.7
2021-05-26 CVE-2021-20177 Out-of-bounds Read vulnerability in Linux Kernel
A flaw was found in the Linux kernel's implementation of string matching within a packet.
local
low complexity
linux CWE-125
2.1
2021-05-26 CVE-2020-27815 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges.
local
low complexity
linux debian netapp CWE-119
7.8
2021-05-26 CVE-2020-25668 Improper Synchronization vulnerability in multiple products
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
local
high complexity
linux debian netapp CWE-662
7.0
2021-05-26 CVE-2020-25669 Use After Free vulnerability in multiple products
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed.
local
low complexity
linux debian netapp CWE-416
7.8