Vulnerabilities > Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2022-06-05 CVE-2022-32296 Use of Insufficiently Random Values vulnerability in Linux Kernel
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used.
local
low complexity
linux CWE-330
3.3
2022-03-30 CVE-2020-35501 A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem
local
low complexity
linux redhat
3.4
2022-02-04 CVE-2022-24448 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5.
local
low complexity
linux debian CWE-908
3.3
2021-12-25 CVE-2021-45486 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
low complexity
linux oracle CWE-327
3.5
2021-08-18 CVE-2021-21781 Use of Uninitialized Resource vulnerability in multiple products
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54.
local
low complexity
linux oracle CWE-908
3.3
2021-08-08 CVE-2021-38209 Information Exposure Through Discrepancy vulnerability in Linux Kernel
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces.
local
low complexity
linux CWE-203
3.3
2021-08-08 CVE-2021-38205 Access of Uninitialized Pointer vulnerability in multiple products
drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
local
low complexity
linux debian CWE-824
3.3
2021-08-05 CVE-2021-3655 Improper Input Validation vulnerability in multiple products
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1.
local
low complexity
linux redhat debian CWE-20
3.3
2021-05-28 CVE-2021-20239 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol.
local
low complexity
linux redhat fedoraproject CWE-119
3.3
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5