Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Workstation Extension 15 SP2 package kernel-default, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (196)
CVE-2019-18814 — CVSS 9.8 (critical): An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in…
CVE-2021-28660 — CVSS 8.8 (high): rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the…
CVE-2020-29569 — CVSS 8.8 (high): An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the…
CVE-2020-36158 — CVSS 8.8 (high): mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote…
CVE-2021-3656 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2020-12351 — CVSS 8.8 (high): Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2021-3653 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2020-28374 — CVSS 8.1 (high): In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can…
CVE-2021-0512 — CVSS 7.8 (high): In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This…
CVE-2021-38160 — CVSS 7.8 (high): In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that…
CVE-2021-3760 — CVSS 7.8 (high): A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity…
CVE-2021-37576 — CVSS 7.8 (high): arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory…
CVE-2021-3444 — CVSS 7.8 (high): The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be…
CVE-2021-41864 — CVSS 7.8 (high): prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF…
CVE-2020-25669 — CVSS 7.8 (high): A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd…
CVE-2020-25670 — CVSS 7.8 (high): A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege…
CVE-2020-25671 — CVSS 7.8 (high): A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to…
CVE-2020-29661 — CVSS 7.8 (high): A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free…
CVE-2020-36385 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via…
CVE-2020-0432 — CVSS 7.8 (high): In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of…
CVE-2020-0444 — CVSS 7.8 (high): In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to…
CVE-2020-0466 — CVSS 7.8 (high): In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local…
CVE-2021-23134 — CVSS 7.8 (high): Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In…
CVE-2021-3491 — CVSS 7.8 (high): The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to…
CVE-2021-3483 — CVSS 7.8 (high): A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading…
CVE-2021-26930 — CVSS 7.8 (high): An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps…
CVE-2021-33909 — CVSS 7.8 (high): fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an…
CVE-2021-3347 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing…
CVE-2021-33200 — CVSS 7.8 (high): kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579…
CVE-2021-33034 — CVSS 7.8 (high): In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This…
CVE-2021-42008 — CVSS 7.8 (high): The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a…
CVE-2021-27365 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or…
CVE-2021-29154 — CVSS 7.8 (high): BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute…
CVE-2021-28375 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user…
CVE-2020-12362 — CVSS 7.8 (high): Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel…
CVE-2021-3715 — CVSS 7.8 (high): A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled…
CVE-2021-22543 — CVSS 7.8 (high): An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages…
CVE-2020-35519 — CVSS 7.8 (high): An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check…
CVE-2021-3612 — CVSS 7.8 (high): An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the…
CVE-2020-27815 — CVSS 7.8 (high): A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes…
CVE-2020-13974 — CVSS 7.8 (high): An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called…
CVE-2021-42252 — CVSS 7.8 (high): An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers…
CVE-2020-27786 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl…
CVE-2020-14351 — CVSS 7.8 (high): A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with…
CVE-2020-14356 — CVSS 7.8 (high): A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the…
CVE-2021-35039 — CVSS 7.8 (high): kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG…
CVE-2020-25645 — CVSS 7.5 (high): A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is…
CVE-2021-38207 — CVSS 7.5 (high): drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer…
CVE-2021-20322 — CVSS 7.4 (high): A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to…
CVE-2020-25705 — CVSS 7.4 (high): A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote…
CVE-2020-25643 — CVSS 7.2 (high): A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by…
CVE-2021-3743 — CVSS 7.1 (high): An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a…
CVE-2021-3739 — CVSS 7.1 (high): A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the…
CVE-2020-36386 — CVSS 7.1 (high): An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_re…
CVE-2021-27364 — CVSS 7.1 (high): An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an…
CVE-2020-11668 — CVSS 7.1 (high): In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors…
CVE-2021-3752 — CVSS 7.1 (high): A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect…
CVE-2021-3348 — CVSS 7.0 (high): nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by…
CVE-2021-40490 — CVSS 7.0 (high): A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
CVE-2021-3640 — CVSS 7.0 (high): A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER…
CVE-2021-3609 — CVSS 7.0 (high): .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to…
CVE-2021-32399 — CVSS 7.0 (high): net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2020-25212 — CVSS 7.0 (high): A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly…
CVE-2020-25668 — CVSS 7.0 (high): A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free…
CVE-2020-29368 — CVSS 7.0 (high): An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can…
CVE-2020-29369 — CVSS 7.0 (high): An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions…
CVE-2020-29370 — CVSS 7.0 (high): An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID…
CVE-2020-0465 — CVSS 6.8 (medium): In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local…
CVE-2021-38204 — CVSS 6.8 (medium): drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service…
CVE-2021-34981 — CVSS 6.7 (medium): Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate…
CVE-2020-0431 — CVSS 6.7 (medium): In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of…
CVE-2020-14386 — CVSS 6.7 (medium): A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged…
CVE-2021-42739 — CVSS 6.7 (medium): The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and…
CVE-2020-27777 — CVSS 6.7 (medium): A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure…
CVE-2021-28972 — CVSS 6.7 (medium): In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow…
CVE-2019-19769 — CVSS 6.7 (medium): In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h…
CVE-2021-31916 — CVSS 6.7 (medium): An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux…
CVE-2020-12373 — CVSS 6.7 (medium): Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially…
CVE-2020-15780 — CVSS 6.7 (medium): An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs…
CVE-2021-0941 — CVSS 6.7 (medium): In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of…
CVE-2020-15436 — CVSS 6.7 (medium): Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of…
CVE-2021-0342 — CVSS 6.7 (medium): In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege…
CVE-2020-14331 — CVSS 6.6 (medium): A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize…
CVE-2020-12352 — CVSS 6.5 (medium): Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-26141 — CVSS 6.5 (medium): An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message…
CVE-2020-26145 — CVSS 6.5 (medium): An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or…
CVE-2020-24490 — CVSS 6.5 (medium): Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This…
CVE-2020-13143 — CVSS 6.5 (medium): gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering…
CVE-2021-28038 — CVSS 6.5 (medium): An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary…
CVE-2021-3772 — CVSS 6.5 (medium): A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the…
CVE-2020-3702 — CVSS 6.5 (medium): u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with…
CVE-2020-29568 — CVSS 6.5 (medium): An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single…
CVE-2020-29373 — CVSS 6.5 (medium): An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and…
CVE-2021-28688 — CVSS 6.5 (medium): The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This…
CVE-2021-37159 — CVSS 6.4 (medium): hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the…
CVE-2020-0305 — CVSS 6.4 (medium): In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege…
CVE-2020-25285 — CVSS 6.4 (medium): A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to…
CVE-2021-3573 — CVSS 6.4 (medium): A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR…
CVE-2021-30002 — CVSS 6.2 (medium): An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl…
CVE-2020-10751 — CVSS 6.1 (medium): A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would…
CVE-2020-27171 — CVSS 6.0 (medium): An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer…
CVE-2020-25211 — CVSS 6.0 (medium): In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing…
CVE-2020-10711 — CVSS 5.9 (medium): A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing…
CVE-2020-28915 — CVSS 5.8 (medium): A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read…
CVE-2020-27825 — CVSS 5.7 (medium): A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and…
CVE-2021-0129 — CVSS 5.7 (medium): Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-14390 — CVSS 5.6 (medium): A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading…
CVE-2020-10781 — CVSS 5.5 (medium): A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read…
CVE-2020-36311 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup)…
CVE-2020-36312 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc…
CVE-2020-36322 — CVSS 5.5 (medium): An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr()…
CVE-2020-8694 — CVSS 5.5 (medium): Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable…
CVE-2020-28941 — CVSS 5.5 (medium): An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the…
CVE-2020-27830 — CVSS 5.5 (medium): A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without…
CVE-2020-25641 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the…
CVE-2021-29155 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer…
CVE-2021-29264 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet…
CVE-2021-29647 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive…
CVE-2021-29650 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic)…
CVE-2021-3428 — CVSS 5.5 (medium): A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem…
CVE-2021-34556 — CVSS 5.5 (medium): In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store…
CVE-2021-34693 — CVSS 5.5 (medium): net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts…
CVE-2020-15393 — CVSS 5.5 (medium): In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.
CVE-2020-14385 — CVSS 5.5 (medium): A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a…
CVE-2021-35477 — CVSS 5.5 (medium): In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store…
CVE-2021-43389 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in…
CVE-2020-14314 — CVSS 5.5 (medium): A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a…
CVE-2020-12771 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing…
CVE-2020-12769 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to…
CVE-2020-12656 — CVSS 5.5 (medium): gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks…
CVE-2021-3659 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes…
CVE-2021-3669 — CVSS 5.5 (medium): A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which…
CVE-2021-3679 — CVSS 5.5 (medium): A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace…
CVE-2020-12364 — CVSS 5.5 (medium): Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version…
CVE-2020-12363 — CVSS 5.5 (medium): Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5…
CVE-2021-3732 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows…
CVE-2020-36310 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain…
CVE-2021-3744 — CVSS 5.5 (medium): A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows…
CVE-2020-10768 — CVSS 5.5 (medium): A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation…
CVE-2020-10767 — CVSS 5.5 (medium): A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The…
CVE-2021-3759 — CVSS 5.5 (medium): A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the…
CVE-2020-10766 — CVSS 5.5 (medium): A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker…
CVE-2021-3764 — CVSS 5.5 (medium): A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The…
CVE-2021-38198 — CVSS 5.5 (medium): arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to…
CVE-2020-0427 — CVSS 5.5 (medium): In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information…
CVE-2020-0404 — CVSS 5.5 (medium): In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to…
CVE-2019-20812 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a…
CVE-2019-20810 — CVSS 5.5 (medium): go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path…
CVE-2019-19462 — CVSS 5.5 (medium): relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by…
CVE-2021-43056 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is…
CVE-2021-26931 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a…
CVE-2021-26932 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls…
CVE-2020-26088 — CVSS 5.5 (medium): A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers…
CVE-2020-25704 — CVSS 5.5 (medium): A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local…
CVE-2020-25673 — CVSS 5.5 (medium): A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the…
CVE-2021-28950 — CVSS 5.5 (medium): An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually…
CVE-2021-28971 — CVSS 5.5 (medium): In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications…
CVE-2020-26147 — CVSS 5.4 (medium): An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of…
CVE-2020-10135 — CVSS 5.4 (medium): Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an…
CVE-2020-26139 — CVSS 5.3 (medium): An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has…
CVE-2020-12888 — CVSS 5.3 (medium): The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
CVE-2020-16120 — CVSS 5.1 (medium): Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user…
CVE-2020-28974 — CVSS 5.0 (medium): A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or…
CVE-2021-3753 — CVSS 4.7 (medium): A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as…
CVE-2021-29265 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a…
CVE-2020-4788 — CVSS 4.7 (medium): IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache…
CVE-2020-27170 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer…
CVE-2021-33624 — CVSS 4.7 (medium): In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and…
CVE-2021-28964 — CVSS 4.7 (medium): A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a…
CVE-2020-15437 — CVSS 4.4 (medium): The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_p…
CVE-2020-29660 — CVSS 4.4 (medium): A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and…
CVE-2021-27363 — CVSS 4.4 (medium): An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the…
CVE-2021-20177 — CVSS 4.4 (medium): A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN)…
CVE-2020-25639 — CVSS 4.4 (medium): A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way…
CVE-2020-27835 — CVSS 4.4 (medium): A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open…
CVE-2020-10773 — CVSS 4.4 (medium): A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to…
CVE-2021-0605 — CVSS 4.4 (medium): In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information…
CVE-2020-26558 — CVSS 4.2 (medium): Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to…
CVE-2020-14416 — CVSS 4.2 (medium): In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a…
CVE-2020-25284 — CVSS 4.1 (medium): The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd…
CVE-2020-25656 — CVSS 4.1 (medium): A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT…
CVE-2020-16166 — CVSS 3.7 (low): The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal…
CVE-2020-29374 — CVSS 3.6 (low): An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup)…
CVE-2020-24586 — CVSS 3.5 (low): The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that…
CVE-2020-24588 — CVSS 3.5 (low): The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the…
CVE-2020-10732 — CVSS 3.3 (low): A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a…
CVE-2021-38205 — CVSS 3.3 (low): drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection…
CVE-2020-29371 — CVSS 3.3 (low): An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace…
CVE-2021-3655 — CVSS 3.3 (low): A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow…
CVE-2021-21781 — CVSS 3.3 (low): An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version…
CVE-2020-24587 — CVSS 2.6 (low): The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all…
CVE-2021-3542: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42739. Reason: This candidate is a reservation duplicate of…
CVE-2021-3896: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43389. Reason: This candidate is a reservation duplicate of…