Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•78 views

K43030517: Linux kernel BPF vulnerability CVE-2019-7308

Security Advisory Description kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks...

5.6CVSS6.2AI score0.00543EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•30 views

K21536299: Apache Fineract vulnerabilities CVE-2018-1289, CVE-2018-1290, and CVE-2018-1292

Security Advisory Description CVE-2018-1289 In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, the system exposes different REST end points to query domain specific entities with a Query Parameter 'orderBy' and 'sortOrder' which are appended directly with SQL...

9.8CVSS8.5AI score0.03418EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•43 views

K24715544: MySQL vulnerabilities CVE-2018-2591, CVE-2018-2600, CVE-2018-2612, CVE-2018-2622, and CVE-2018-2640

Security Advisory Description CVE-2018-2591 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server : Partition. Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network...

7.5CVSS6.6AI score0.03952EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K44873550: Apache Storm vulnerability CVE-2021-38294

Security Advisory Description A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution RCE prior to authentication...

9.8CVSS9.5AI score0.84489EPSS
Exploits4
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•32 views

K42142782: Linux kernel vulnerability CVE-2017-15121

Security Advisory Description A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary. CVE-2017-15121 Impact An attacker can exploit this vulnerability to cause a denial of...

5.5CVSS6.6AI score0.00398EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•59 views

K37080719: NGINX Instance Manager vulnerability CVE-2022-35241

Security Advisory Description When NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. CVE-2022-35241 Impact System performance can degrade until system inodes become free. This vulnerability allows a remote, authenticated attacker to cause a...

6.5CVSS6.3AI score0.00658EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•28 views

K14713331: MySQL Optimizer vulnerabilities CVE-2017-3638, CVE-2017-3642, and CVE-2017-3645

Security Advisory Description CVE-2017-3638 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

4.9CVSS4.6AI score0.0245EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•168 views

K95208524: jQuery vulnerability CVE-2016-7103

Security Advisory Description Cross-site scripting XSS vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. CVE-2016-7103 Impact This vulnerability allows a remote attacker to perform an...

6.1CVSS6.8AI score0.2258EPSS
Exploits1Affected Software6
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•27 views

K02405023: Apache Brooklyn vulnerability CVE-2017-3165

Security Advisory Description In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. This is due to improper escaping of server-si...

5.4CVSS5.4AI score0.01963EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•32 views

K10751325: TMM vulnerability CVE-2021-23011

Security Advisory Description When the BIG-IP system is buffering packet fragments for reassembly, the Traffic Management Microkernel TMM may consume an excessive amount of resources, eventually leading to a restart and failover event. CVE-2021-23011 Impact BIG-IP The Traffic Management Microkern...

7.5CVSS7.4AI score0.00961EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•39 views

K04327352: Multiple MySQL data manipulation language vulnerabilities

Security Advisory Description CVE-2017-3634 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acces...

6.5CVSS6.2AI score0.03198EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•34 views

K07082049: NTP vulnerability CVE-2017-6462

Security Advisory Description Buffer overflow in the legacy Datum Programmable Time Server DPTS refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device. CVE-2017-6462 Impact This vulnerability allows local users ...

7.8CVSS7.1AI score0.00491EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•47 views

K54891070: Tomcat vulnerabilities CVE-2012-5885, CVE-2012-5886, and CVE-2012-5887

Security Advisory Description CVE-2012-5885 The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc...

5CVSS5.2AI score0.12098EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•40 views

K27638900: Apache Struts vulnerability CVE-2017-15707

Security Advisory Description In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. CVE-2017-15707 Impact There is no impact; F5 products are not affecte...

6.2CVSS6.6AI score0.04889EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•50 views

K54635192: Linux kernel overlayfs vulnerability CVE-2021-3493

Security Advisory Description The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the...

8.8CVSS7.7AI score0.43988EPSS
Exploits27
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•82 views

K38453823: Apache vulnerability CVE-2021-31618

Security Advisory Description Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client...

7.5CVSS7.9AI score0.51208EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•58 views

K14363514: OpenSSL vulnerability CVE-2017-3736

Security Advisory Description There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perfo...

6.5CVSS7.7AI score0.10133EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K43815022: BIG-IP crypto driver vulnerability CVE-2020-5882

Security Advisory Description Under certain conditions, the Intel QuickAssist Technology QAT cryptography driver may produce a Traffic Management Microkernel TMM core file. CVE-2020-5882 Impact The BIG-IP system temporarily fails to process traffic as it recovers from TMM restarting, and systems...

7.5CVSS7.4AI score0.01044EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•42 views

K15317: Linux kernel vulnerability CVE-2014-0101

Security Advisory Description The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer...

7.8CVSS6AI score0.07045EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•44 views

K59836191: GnuTLS vulnerabilities CVE-2017-5335, CVE-2017-5336, and CVE-2017-5337

Security Advisory Description CVE-2017-5335 The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service out-of-memory error and crash via a crafted OpenPGP certificate. CVE-2017-5336 Stack-based buffe...

9.8CVSS9.5AI score0.08009EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•99 views

K58304450: Multiple Intel Processor vulnerabilities: Spectre-NG

Security Advisory Description Eight new vulnerabilities in Intel processors have been mentioned in several sources and are referred to collectively as Spectre-NG. F5 is aware of these vulnerabilities and is investigating as information becomes available. As Intel officially recognizes and announc...

5.6CVSS7.3AI score0.60631EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•47 views

K51494034: Intel NUC BIOS firmware vulnerability CVE-2021-33164

Security Advisory Description Improper access control in BIOS firmware for some IntelR NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-33164 Impact There is no impact; F5 products are not affected by this...

8.2CVSS6.6AI score0.00193EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•65 views

K52102651: Linux Kernel vulnerability CVE-2021-23134

Security Advisory Description Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAPNETRAW capability. CVE-2021-23134 Impac...

7.8CVSS6.3AI score0.00343EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•47 views

K52259753: Intel Processor vulnerability CVE-2022-26373

Security Advisory Description Non-transparent sharing of return predictor targets between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2022-26373 Impact There is no impact; F5 products are not affected by this...

5.5CVSS5.8AI score0.0035EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•48 views

K55462146: OpenSSL vulnerability CVE-2017-3733

Security Advisory Description During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake or vice-versa then this can cause OpenSSL 1.1.0 before 1.1.0e to crash dependent on ciphersuite. Both clients and servers are affected...

7.5CVSS7.5AI score0.12874EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•48 views

K54647543: Linux kernel vulnerability CVE-2019-25044

Security Advisory Description The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blkmqfreerqs and blkcleanupqueue. CVE-2019-25044 Impact There is...

7.8CVSS7.5AI score0.00645EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•57 views

K50315101: Linux kernel vulnerability CVE-2019-14898

Security Advisory Description The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with...

7CVSS6.4AI score0.00989EPSS
Exploits4
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•50 views

K13364192: Samba vulnerability CVE-2016-2119

Security Advisory Description libcli/smb/smbXclibase.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the 1 SMB2SESSIONFLAGISGUEST or 2...

7.5CVSS7.5AI score0.03097EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•43 views

K15535113: MySQL vulnerability CVE-2016-5632

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. CVE-2016-5632 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

4.9CVSS5.4AI score0.02471EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•102 views

K43429502: OpenSSL RSA key generation vulnerability CVE-2018-0737

Security Advisory Description The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL...

5.9CVSS6.1AI score0.12046EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•155 views

K45356577: Java vulnerability CVE-2022-21449

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable...

7.5CVSS7.2AI score0.48235EPSS
Exploits6
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•35 views

K45816067: bzip2 vulnerability CVE-2016-3189

Security Advisory Description Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service crash via a crafted bzip2 file, related to block ends set to before the start of the block. CVE-2016-3189 Impact There is no impact; F5 products are not...

6.5CVSS7.4AI score0.15831EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K45432295: BIG-IP APM logging disclosure vulnerability CVE-2017-6139

Security Advisory Description Under rare conditions, the BIG-IP APM system appends log details when responding to client requests. Details in the log file can vary; customers running debug mode logging with BIG-IP APM are at highest risk. CVE-2017-6139 Impact A vulnerable BIG-IP APM system may...

5.9CVSS5.8AI score0.01699EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•51 views

K41997459: BIG-IP APM XSS vulnerability CVE-2021-23054

Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. CVE-2021-23054 Impact An attacker can craft a malicious URL and send it to an authenticated...

6.1CVSS5.6AI score0.00562EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•41 views

K01311152: Linux kernel vulnerabilities CVE-2020-36322 and CVE-2021-28950

Security Advisory Description CVE-2020-36322 An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fusedogetattr calls makebadinode in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability w...

5.5CVSS6.3AI score0.00378EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•161 views

K50116122: Apache Tomcat vulnerability CVE-2016-6816

Security Advisory Description The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the...

7.1CVSS7.2AI score0.39633EPSS
Exploits6Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•37 views

K56215245: Intel CPU vulnerabilities CVE-2019-11136 and CVE-2019-11137

Security Advisory Description CVE-2019-11136 Insufficient access control in system firmware for IntelR XeonR Scalable Processors, 2nd Generation IntelR XeonR Scalable Processors and IntelR XeonR Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial ...

8.2CVSS7AI score0.00381EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•45 views

K04450715: libxml2 vulnerability CVE-2015-8806

Security Advisory Description dict.c in libxml2 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via an unexpected character immediately after the " Identified Medium screen. To determine if your release is known to be vulnerable, the componen...

7.5CVSS6.7AI score0.04964EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•69 views

K57542514: Python vulnerabilities CVE-2019-9636 and CVE-2019-10160

Security Advisory Description Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is: Information disclosure credentials, cookies, etc. that are cached against a given hostname. The...

9.8CVSS7.3AI score0.09125EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•51 views

K98121587: glibc vulnerability CVE-2021-35942

Security Advisory Description The wordexp function in the GNU C Library aka glibc through 2.33 may crash or read arbitrary memory in parseparam in posix/wordexp.c when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs...

9.1CVSS7.9AI score0.02678EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•32 views

K61002104: BIG-IP AFM and PEM TMUI XSS vulnerability CVE-2019-6639

Security Advisory Description Undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting XSS issue. This is a control plane issue only and is not accessible from the data plane. The attack requires a malicious resource administrator to store the...

4.8CVSS5.1AI score0.00677EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•44 views

K30737254: Linux kernel vulnerability CVE-2017-2671

Security Advisory Description The pingunhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service panic by leveraging...

5.5CVSS6.2AI score0.01463EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•32 views

K31424926: BIG-IP APM XSS vulnerability CVE-2019-6595

Security Advisory Description Cross-site scripting XSS vulnerability in F5 BIG-IP Access Policy Manager APM 11.5.x and 11.6.x Admin Web UI. CVE-2019-6595 Impact A remote attacker may be able to access the BIG-IP APM logon page and inject arbitrary web script or HTML to launch a cross-site scripti...

6.1CVSS6AI score0.00923EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•60 views

K70992015: Linux kernel vulnerabilty CVE-2021-33200

Security Advisory Description kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. I...

7.8CVSS6.3AI score0.00377EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•45 views

K48641455: QEMU buffer-overflow vulnerability CVE-2018-17962

Security Advisory Description Qemu has a Buffer Overflow in pcnetreceive in hw/net/pcnet.c because an incorrect integer data type is used. CVE-2018-17962 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated th...

7.5CVSS6.8AI score0.04503EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•34 views

K34508112: Pango vulnerability CVE-2019-1010238

Security Advisory Description Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vecto...

9.8CVSS9.2AI score0.06274EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•101 views

K32380005: Linux kernel vulnerability CVE-2019-18282

Security Advisory Description The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead ...

5.3CVSS6.8AI score0.02605EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•55 views

K30215094: Ruby vulnerability CVE-2016-7798

Security Advisory Description The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. CVE-2016-7798 Impact There is no impact; F5...

7.5CVSS7AI score0.03167EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•57 views

K54501561: Apple Mac OS X Wiki Server vulnerability CVE-2008-1579

Security Advisory Description Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information user names by reading the error message produced upon access to a nonexistent blog. CVE-2008-1579 Impact There is no impact; F5 products are not affected by this...

5CVSS6.1AI score0.02826EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•54 views

K25200948: Linux kernel vulnerability CVE-2021-33034

Security Advisory Description In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. CVE-2021-33034 Impact There is no impact; F5 products are not affected by this vulnerability...

7.8CVSS6.5AI score0.00819EPSS
Exploits1
Total number of security vulnerabilities6413