Vulnerabilities > Linux > Linux Kernel > 5.4.217
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-23 | CVE-2022-27666 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. | 7.8 |
| 2022-03-18 | CVE-2021-45868 | Use After Free vulnerability in multiple products In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). | 5.5 |
| 2022-03-12 | CVE-2022-26966 | An issue was discovered in the Linux kernel before 5.16.12. | 5.5 |
| 2022-03-10 | CVE-2021-4095 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. | 5.5 |
| 2022-03-10 | CVE-2022-0433 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. | 5.5 |
| 2022-03-10 | CVE-2021-3739 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. | 7.1 |
| 2022-03-10 | CVE-2021-3732 | Unspecified vulnerability in Linux Kernel A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. | 5.5 |
| 2022-03-06 | CVE-2022-26490 | Classic Buffer Overflow vulnerability in multiple products st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. | 7.8 |
| 2022-03-04 | CVE-2021-3744 | Memory Leak vulnerability in multiple products A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). | 5.5 |
| 2022-03-03 | CVE-2021-3640 | Race Condition vulnerability in multiple products A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. | 7.0 |