Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

6 matches found

CVE•added 2021/11/02 11:15 p.m.•341 views

CVE-2021-43267

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.

9.8CVSS6.8AI score0.72709EPSS

CVE•added 2021/11/17 5:15 p.m.•298 views

CVE-2021-43976

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

4.6CVSS6AI score0.00017EPSS

CVE•added 2021/11/04 7:15 p.m.•283 views

CVE-2021-43389

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

5.5CVSS6.2AI score0.00008EPSS

CVE•added 2021/11/03 12:15 a.m.•280 views

CVE-2020-27820

A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).

4.7CVSS6.1AI score0.00014EPSS

CVE•added 2021/11/17 5:15 p.m.•268 views

CVE-2021-43975

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

6.7CVSS6.6AI score0.00018EPSS

CVE•added 2021/11/02 10:15 p.m.•66 views

CVE-2017-5123

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.

8.8CVSS7.4AI score0.01984EPSS