Vulnerabilities > Linux > Linux Kernel

DATE CVE VULNERABILITY TITLE RISK
2021-02-23 CVE-2021-20226 A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use.
local
low complexity
linux netapp
7.8
7.8
2021-02-19 CVE-2020-35499 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets.
local
low complexity
linux CWE-476
6.7
6.7
2021-02-17 CVE-2021-26934 An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen.
local
low complexity
linux fedoraproject
7.8
7.8
2021-02-17 CVE-2021-26932 An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen.
local
low complexity
linux fedoraproject debian netapp
5.5
5.5
2021-02-17 CVE-2021-26931 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen.
local
low complexity
linux fedoraproject debian CWE-770
5.5
5.5
2021-02-17 CVE-2021-26930 An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen.
local
low complexity
linux fedoraproject debian
7.8
7.8
2021-02-10 CVE-2020-16120 Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed.
local
low complexity
linux canonical
4.4
4.4
2021-02-05 CVE-2021-26708 Improper Locking vulnerability in multiple products
A local privilege escalation was discovered in the Linux kernel before 5.10.13.
local
high complexity
linux netapp CWE-667
7.0
7.0
2021-02-01 CVE-2021-3348 Use After Free vulnerability in multiple products
nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.
local
high complexity
linux debian CWE-416
7.0
7.0
2021-01-29 CVE-2021-3347 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.10.11.
local
low complexity
linux debian fedoraproject CWE-416
7.8
7.8