Lucene search

Baseboard Management Controller 500f Firmware Security Vulnerabilities

cve

CVE-2020-25668

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in...

7CVSS

7.4AI Score

0.001EPSS

2021-05-26 12:15 PM

198

cve

CVE-2021-28971

In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka...

5.5CVSS

6.5AI Score

0.0004EPSS

2021-03-22 05:15 PM

221

cve

CVE-2021-28964

A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka...

4.7CVSS

6.2AI Score

0.0004EPSS

2021-03-22 09:15 AM

222

cve

CVE-2021-28952

An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in...

7.8CVSS

7.8AI Score

0.001EPSS

2021-03-20 09:15 PM

195

cve

CVE-2021-28951

An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka...

5.5CVSS

5.6AI Score

0.0004EPSS

2021-03-20 08:15 PM

121

cve

CVE-2021-26708

A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport...

7CVSS

6.6AI Score

0.0004EPSS

2021-02-05 02:15 PM

156

cve

CVE-2020-14305

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this...

8.1CVSS

7.8AI Score

0.039EPSS

2020-12-02 01:15 AM

214

cve

CVE-2020-15436

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error...

6.7CVSS

6.9AI Score

0.0004EPSS

2020-11-23 09:15 PM

223