Vulnerabilities > Oracle > Communications Cloud Native Core Network Exposure Function > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-11-03 CVE-2020-27820 A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
local
high complexity
linux fedoraproject oracle
4.7
2021-10-20 CVE-2021-42739 Out-of-bounds Write vulnerability in multiple products
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
6.7
2021-07-21 CVE-2021-37159 Use After Free vulnerability in multiple products
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
high complexity
linux debian oracle CWE-416
6.4
2020-11-20 CVE-2020-4788 IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances.
local
high complexity
ibm fedoraproject oracle
4.7
2020-09-17 CVE-2020-0404 Improper Privilege Management vulnerability in multiple products
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause.
local
low complexity
google oracle CWE-269
5.5