5.6.6

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-24	CVE-2020-26558	Improper Authentication vulnerability in multiple products Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. high complexity bluetooth fedoraproject debian linux intel CWE-287	4.2
2021-05-14	CVE-2021-33034	Use After Free vulnerability in multiple products In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. local low complexity linux fedoraproject debian CWE-416	7.8
2021-05-12	CVE-2021-23134	Use After Free vulnerability in multiple products Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. local low complexity linux fedoraproject debian CWE-416	7.8
2021-05-06	CVE-2021-31829	Incorrect Authorization vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. local low complexity linux fedoraproject debian CWE-863	5.5
2021-05-06	CVE-2020-35519	Out-of-bounds Read vulnerability in multiple products An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. local low complexity linux netapp CWE-125	7.8
2021-04-22	CVE-2021-23133	Race Condition vulnerability in multiple products A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. local high complexity linux fedoraproject debian netapp broadcom CWE-362	7.0
2021-04-20	CVE-2021-29155	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.x. local low complexity linux fedoraproject debian CWE-125	5.5
2021-04-19	CVE-2021-3506	Out-of-bounds Read vulnerability in multiple products An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. local low complexity linux debian netapp CWE-125	7.1
2021-04-08	CVE-2021-29154	Command Injection vulnerability in multiple products BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. local low complexity linux fedoraproject debian netapp CWE-77	7.8
2021-03-26	CVE-2020-35508	Improper Initialization vulnerability in multiple products A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. local high complexity linux redhat netapp CWE-665	4.5