Lucene search
K
LinuxLinux Kernel4.10.0

12 matches found

CVE
CVE
added 2024/02/25 2:3 p.m.1216 views

CVE-2021-46904

CVE-2021-46904 affects the Linux kernel net: hso subsystem. The issue was a null pointer dereference during tty device unregistration caused by multiple ttys claiming the same minor number. The root cause was that get_free_serial_index() returned an available minor but did not assign it immediate...

5.5CVSS6.2AI score0.00256EPSS
CVE
CVE
added 2024/02/26 5:20 p.m.995 views

CVE-2019-25160

CVE-2019-25160 is about netlabel: fix out-of-bounds memory accesses in the Linux kernel. The Connected documents specify two array OOB accesses: one in cipso_v4_map_lvl_valid() and another in netlbl_bitmap_walk(). The fixes are described as straightforward, and backport guidance notes that netlbl...

7.1CVSS6.8AI score0.00252EPSS
CVE
CVE
added 2024/02/26 5:20 p.m.968 views

CVE-2021-46906

CVE-2021-46906 — Linux kernel HID (usbhid) info leak fix : The vulnerability arises in hid_submit_ctrl where report->size of zero caused transfer_buffer_length to be calculated as 16384, enabling an information leak. The root cause is the calculation in hid_report_len() not handling a zero-siz...

5.5CVSS6.1AI score0.00245EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.739 views

CVE-2021-46939

CVE-2021-46939 affects the Linux kernel where tracing changes to trace_clock_global() could deadlock due to recursive locking during tracing; the fix uses a trylock and retry semantics to avoid blocking. Public details in connected advisories (MiracleLinux UTSA, Nessus plugin) describe the same i...

5.5CVSS6.6AI score0.00246EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.659 views

CVE-2020-36777

CVE-2020-36777 is a Linux kernel issue where media: dvbdev had a memory leak in dvb_media_device_free(), documented as freeing dvbdev->adapter->conn before NULL-ing it. The connected MiracleLinux advisory (AXSA-2024-8481:17) lists this CVE among others and confirms a fix/vendor advisory. Th...

5.5CVSS6.1AI score0.00242EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.655 views

CVE-2021-46936

CVE-2021-46936 affects the Linux kernel (net: fix use-after-free in tw_timer_handler). The flaw allowed use-after-free on net->mib.net_statistics when destroying a net namespace if inflight time-wait timers exist; it is triggered during path of timer handling and ip/mib teardown. The fix reloc...

7.8CVSS7.4AI score0.00244EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.566 views

CVE-2021-46938

CVE-2021-46938 affects the Linux kernel in the device-mapper (dm-mq) path for request-based mapped devices. When loading a device-mapper table, if the allocation/initialization of blk_mq_tag_set for the device fails, a subsequent dev_remove can trigger a double free during cleanup because the poi...

7.8CVSS7.2AI score0.00248EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.541 views

CVE-2021-46933

The CVE-2021-46933 issue affects the Linux kernel USB gadget f_fs component. It occurred when ffs_data_clear was invoked indirectly via ffs_fs_kill_sb/ffs_ep0_release, causing eventfd_ctx_put to be called multiple times and leading to a refcount underflow. The documented fix zeroes out ffs_eventf...

5.5CVSS6.1AI score0.00233EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.461 views

CVE-2021-46932

CVE-2021-46932 affects the Linux kernel’s input subsystem (Input: appletouch). The root cause is that input_dev->close() can cancel_work_sync(&dev->work) before dev->work is initialized (initialized after input_register_device()), causing a risk of a NULL work function in __flush_work()....

5.5CVSS6.1AI score0.00228EPSS
CVE
CVE
added 2021/03/05 12:0 a.m.338 views

CVE-2021-28038

CVE-2021-28038 is a Linux kernel issue (through 5.11.3 with Xen PV) where the netback driver mishandles grant mapping errors, leaving memory allocation/error conditions untreated. In a Xen PV setup, a misbehaving networking frontend driver can trigger a host OS denial of service (Dom0 crash) from...

6.5CVSS6.3AI score0.00708EPSS
CVE
CVE
added 2020/10/22 8:33 p.m.313 views

CVE-2020-27673

CVE-2020-27673 is described in connected advisories as a Linux kernel race-condition bug in Xen event handling, permitting a guest (domU) to cause a denial of service or host hang in dom0 when exposed to high event rates. Affected scope: Linux kernel up to 5.9.1, used with Xen through 4.14.x. The...

5.5CVSS6.2AI score0.0041EPSS
CVE
CVE
added 2024/04/10 6:56 p.m.104 views

CVE-2021-47194

CVE-2021-47194 : Linux kernel vulnerability in cfg80211 where switching from P2P_GO to ADHOC via NL80211_CMD_SET_INTERFACE failed to call cfg80211_stop_ap, allowing in-use data to be re-initialized (e.g., sdata->assigned_chanctx_list) while still in assigned_vifs, corrupting the linked list. D...

7.8CVSS6.4AI score0.00249EPSS