Lucene search

Linux Kernel Security Vulnerabilities - 2021

cve

CVE-2021-43056

An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values.

5.5CVSS

5.8AI Score

0.0004EPSS

2021-10-28 04:15 AM

203

cve

CVE-2021-43057

An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access t...

7.8CVSS

7.4AI Score

0.0004EPSS

2021-10-28 04:15 AM

cve

CVE-2021-43267

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.

9.8CVSS

6.8AI Score

0.048EPSS

2021-11-02 11:15 PM

291

cve

CVE-2021-43389

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

5.5CVSS

6.2AI Score

0.001EPSS

2021-11-04 07:15 PM

240

cve

CVE-2021-43975

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

6.7CVSS

6.6AI Score

0.001EPSS

2021-11-17 05:15 PM

201

cve

CVE-2021-43976

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

4.6CVSS

6AI Score

0.002EPSS

2021-11-17 05:15 PM

256

cve

CVE-2021-44733

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

7CVSS

7.3AI Score

0.001EPSS

2021-12-22 05:15 PM

282

cve

CVE-2021-45095

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.

5.5CVSS

6.5AI Score

0.0005EPSS

2021-12-16 04:15 AM

174

cve

CVE-2021-45469

In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.

7.8CVSS

7.2AI Score

0.001EPSS

2021-12-23 07:15 PM

153

cve

CVE-2021-45480

An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.

5.5CVSS

6.1AI Score

0.0004EPSS

2021-12-24 11:15 PM

136

cve

CVE-2021-45485

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.

7.5CVSS

7.2AI Score

0.001EPSS

2021-12-25 02:15 AM

258

cve

CVE-2021-45486

In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.

3.5CVSS

5.5AI Score

0.0005EPSS

2021-12-25 02:15 AM

199

Total number of security vulnerabilities162