Vulnerabilities > Linux > Linux Kernel > 5.4.93
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-07 | CVE-2021-35039 | Improper Verification of Cryptographic Signature vulnerability in multiple products kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. | 7.8 |
| 2021-06-24 | CVE-2020-28097 | Out-of-bounds Read vulnerability in multiple products The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. | 3.6 |
| 2021-06-23 | CVE-2021-33624 | Type Confusion vulnerability in multiple products In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. | 4.7 |
| 2021-06-17 | CVE-2021-32078 | Out-of-bounds Read vulnerability in Linux Kernel An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access to element -2 of an array, aka CID-298a58e165e4. | 6.6 |
| 2021-06-14 | CVE-2021-34693 | Missing Initialization of Resource vulnerability in multiple products net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. | 5.5 |
| 2021-06-08 | CVE-2021-3564 | Double Free vulnerability in multiple products A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. | 5.5 |
| 2021-06-07 | CVE-2020-36386 | Out-of-bounds Read vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.8.1. | 5.6 |
| 2021-06-07 | CVE-2020-36385 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.10. | 7.8 |
| 2021-05-26 | CVE-2020-27815 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. | 7.8 |
| 2021-05-26 | CVE-2020-25668 | Improper Synchronization vulnerability in multiple products A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | 7.0 |