Vulnerabilities > Linux > Linux Kernel > 5.6.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-23 | CVE-2021-20194 | Improper Input Validation vulnerability in multiple products There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). | 7.8 |
2021-02-23 | CVE-2021-20226 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use. | 7.8 |
2021-02-17 | CVE-2021-26934 | An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. | 7.8 |
2021-02-17 | CVE-2021-26932 | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. | 5.5 |
2021-02-17 | CVE-2021-26931 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. | 5.5 |
2021-02-17 | CVE-2021-26930 | An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. | 7.8 |
2021-02-05 | CVE-2021-26708 | Improper Locking vulnerability in multiple products A local privilege escalation was discovered in the Linux kernel before 5.10.13. | 7.0 |
2021-01-29 | CVE-2021-3347 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.11. | 7.8 |
2021-01-19 | CVE-2021-3178 | Path Traversal vulnerability in multiple products fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. | 6.5 |
2021-01-13 | CVE-2020-28374 | Path Traversal vulnerability in multiple products In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. | 8.1 |