Total
6281 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26934 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support status entry. | |||||
| CVE-2021-26334 | 3 Amd, Linux, Microsoft | 3 Amd Uprof, Linux Kernel, Windows | 2023-11-07 | 9.0 HIGH | 9.9 CRITICAL |
| The AMDPowerProfiler.sys driver of AMD μProf tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user. | |||||
| CVE-2021-23134 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability. | |||||
| CVE-2021-23133 | 5 Broadcom, Debian, Fedoraproject and 2 more | 24 Brocade Fabric Operating System, Debian Linux, Fedora and 21 more | 2023-11-07 | 6.9 MEDIUM | 7.0 HIGH |
| A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket. | |||||
| CVE-2021-21179 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21178 | 5 Debian, Fedoraproject, Google and 2 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2021-21157 | 4 Fedoraproject, Google, Linux and 1 more | 5 Fedora, Chrome, Linux Kernel and 2 more | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21153 | 3 Fedoraproject, Google, Linux | 3 Fedora, Chrome, Linux Kernel | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2021-21152 | 3 Fedoraproject, Google, Linux | 3 Fedora, Chrome, Linux Kernel | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21149 | 3 Fedoraproject, Google, Linux | 3 Fedora, Chrome, Linux Kernel | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2021-21107 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2023-11-07 | 6.8 MEDIUM | 9.6 CRITICAL |
| Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-20321 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2023-11-07 | 4.7 MEDIUM | 4.7 MEDIUM |
| A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | |||||
| CVE-2021-20320 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem. | |||||
| CVE-2021-20268 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
| CVE-2021-20239 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2023-11-07 | 2.1 LOW | 3.3 LOW |
| A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality. | |||||
| CVE-2021-1451 | 2 Cisco, Linux | 2 Ios Xe, Linux Kernel | 2023-11-07 | 9.3 HIGH | 9.8 CRITICAL |
| A vulnerability in the Easy Virtual Switching System (VSS) feature of Cisco IOS XE Software for Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying Linux operating system of an affected device. The vulnerability is due to incorrect boundary checks of certain values in Easy VSS protocol packets that are destined for an affected device. An attacker could exploit this vulnerability by sending crafted Easy VSS protocol packets to UDP port 5500 while the affected device is in a specific state. When the crafted packet is processed, a buffer overflow condition may occur. A successful exploit could allow the attacker to trigger a denial of service (DoS) condition or execute arbitrary code with root privileges on the underlying Linux operating system of the affected device. | |||||
| CVE-2021-1450 | 4 Apple, Cisco, Linux and 1 more | 4 Macos, Anyconnect Secure Mobility Client, Linux Kernel and 1 more | 2023-11-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending one or more crafted IPC messages to the AnyConnect process on an affected device. A successful exploit could allow the attacker to stop the AnyConnect process, causing a DoS condition on the device. Note: The process under attack will automatically restart so no action is needed by the user or admin. | |||||
| CVE-2020-9391 | 3 Fedoraproject, Linux, Netapp | 10 Fedora, Linux Kernel, Active Iq Unified Manager and 7 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation. | |||||
| CVE-2020-8835 | 4 Canonical, Fedoraproject, Linux and 1 more | 47 Ubuntu Linux, Fedora, Linux Kernel and 44 more | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780) | |||||
| CVE-2020-7290 | 2 Linux, Mcafee | 2 Linux Kernel, Active Response | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in McAfee Active Response (MAR) for Linux prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to. | |||||