Vulnerabilities > Linux > Linux Kernel > 5.4.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-02 | CVE-2021-41864 | Integer Overflow or Wraparound vulnerability in multiple products prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. | 7.8 |
2021-09-29 | CVE-2021-3653 | Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. | 8.8 |
2021-09-20 | CVE-2021-38300 | arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. | 7.8 |
2021-09-03 | CVE-2021-40490 | Race Condition vulnerability in multiple products A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | 7.0 |
2021-08-13 | CVE-2021-3573 | Race Condition vulnerability in multiple products A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). | 6.4 |
2021-08-13 | CVE-2021-3635 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. | 4.9 |
2021-08-08 | CVE-2021-38198 | arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. | 2.1 |
2021-08-08 | CVE-2021-38199 | fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. | 3.3 |
2021-08-08 | CVE-2021-38200 | NULL Pointer Dereference vulnerability in Linux Kernel arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a "perf record" command. | 2.1 |
2021-08-08 | CVE-2021-38202 | Out-of-bounds Read vulnerability in multiple products fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd. | 5.0 |