Vulnerabilities > Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-21 | CVE-2021-4001 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. | 4.1 |
| 2022-01-21 | CVE-2021-4032 | Incomplete Cleanup vulnerability in Linux Kernel A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. | 4.4 |
| 2022-01-11 | CVE-2021-46283 | Improper Initialization vulnerability in Linux Kernel nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. | 5.5 |
| 2022-01-06 | CVE-2021-28714 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. | 6.5 |
| 2022-01-06 | CVE-2021-28715 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. | 6.5 |
| 2021-12-24 | CVE-2021-45480 | Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.15.11. | 5.5 |
| 2021-12-16 | CVE-2021-45095 | Information Exposure vulnerability in multiple products pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. | 5.5 |
| 2021-11-17 | CVE-2021-43975 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. | 6.7 |
| 2021-11-17 | CVE-2021-43976 | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). | 4.6 |
| 2021-11-04 | CVE-2021-43389 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 5.14.15. | 5.5 |