Vulnerabilities > Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2021-08-18 CVE-2021-21781 Use of Uninitialized Resource vulnerability in multiple products
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54.
local
low complexity
linux oracle CWE-908
3.3
2021-08-08 CVE-2021-38209 Information Exposure Through Discrepancy vulnerability in Linux Kernel
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces.
local
low complexity
linux CWE-203
3.3
2021-08-08 CVE-2021-38205 Access of Uninitialized Pointer vulnerability in multiple products
drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
local
low complexity
linux debian CWE-824
3.3
2021-08-05 CVE-2021-3655 Improper Input Validation vulnerability in multiple products
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1.
local
low complexity
linux redhat debian CWE-20
3.3
2021-05-28 CVE-2021-20239 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol.
local
low complexity
linux redhat fedoraproject CWE-119
3.3
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5
2021-05-11 CVE-2020-24587 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key.
2.6
2021-05-11 CVE-2020-24586 The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network.
low complexity
ieee debian linux arista intel
3.5
2020-11-28 CVE-2020-29371 Use of Uninitialized Resource vulnerability in Linux Kernel
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4.
local
low complexity
linux CWE-908
3.3
2020-11-28 CVE-2020-29374 Incorrect Authorization vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c.
local
high complexity
linux debian netapp CWE-863
3.6