Vulnerabilities > Linux > Linux Kernel > 5.9.1

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2021-31829 Incorrect Authorization vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a.
local
low complexity
linux fedoraproject debian CWE-863
5.5
2021-05-06 CVE-2020-35519 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5.
local
low complexity
linux netapp CWE-125
7.8
2021-05-06 CVE-2021-3501 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.12.
local
low complexity
linux redhat fedoraproject netapp CWE-787
3.6
2021-04-22 CVE-2021-23133 Race Condition vulnerability in multiple products
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process.
7.0
2021-04-20 CVE-2021-29155 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.x.
local
low complexity
linux fedoraproject debian CWE-125
5.5
2021-04-19 CVE-2021-3506 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4.
local
low complexity
linux debian netapp CWE-125
7.1
2021-04-14 CVE-2020-36322 Incomplete Cleanup vulnerability in multiple products
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf.
local
low complexity
linux debian starwindsoftware CWE-459
5.5
2021-04-08 CVE-2021-29154 Command Injection vulnerability in multiple products
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context.
local
low complexity
linux fedoraproject debian netapp CWE-77
7.8
2021-04-06 CVE-2021-28688 Improper Initialization vulnerability in multiple products
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values.
local
low complexity
linux debian CWE-665
2.1
2021-04-02 CVE-2021-30002 An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists.
local
low complexity
linux debian
2.1