Vulnerabilities > Linux > Linux Kernel > 5.5.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-23 | CVE-2021-20194 | Improper Input Validation vulnerability in multiple products There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). | 7.8 |
2021-02-23 | CVE-2021-20226 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use. | 7.8 |
2021-02-17 | CVE-2021-26934 | An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. | 7.8 |
2021-02-17 | CVE-2021-26932 | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. | 5.5 |
2021-02-17 | CVE-2021-26931 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. | 5.5 |
2021-02-17 | CVE-2021-26930 | An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. | 7.8 |
2021-02-10 | CVE-2020-16120 | Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. | 2.1 |
2021-02-05 | CVE-2021-26708 | Improper Locking vulnerability in multiple products A local privilege escalation was discovered in the Linux kernel before 5.10.13. | 7.0 |
2021-02-01 | CVE-2021-3348 | Use After Free vulnerability in multiple products nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71. | 4.4 |
2021-01-29 | CVE-2021-3347 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.11. | 7.8 |