Linux Linux

Do you want an email whenever new security vulnerabilities are reported in any Linux product?

Products by Linux Sorted by Most Security Vulnerabilities since 2018

Linux Kernel1017 vulnerabilities

Linux Acrn7 vulnerabilities

Linux Tizen5 vulnerabilities

Linux Mac802113 vulnerabilities

@Linux_Kernel Tweets

Linux kernel 3.6.1 ( stable) has been released - http://t.co/vhc5dozz #linux #kernel
Sun Oct 07 15:49:01 +0000 2012

Linux kernel next-20120928 ( linux-next) has been released - http://t.co/vhc5dozz #linux #kernel
Mon Oct 01 00:19:02 +0000 2012

Linux kernel 3.6 ( mainline) has been released - http://t.co/vhc5dozz #linux #kernel
Mon Oct 01 00:19:01 +0000 2012

Linux kernel next-20120921 ( linux-next) has been released - http://t.co/vhc5dozz #linux #kernel
Mon Sep 24 01:49:03 +0000 2012

Linux kernel 3.6-rc7 ( mainline) has been released - http://t.co/vhc5dozz #linux #kernel
Mon Sep 24 01:49:02 +0000 2012

By the Year

In 2021 there have been 155 vulnerabilities in Linux with an average score of 6.6 out of ten. Last year Linux had 117 security vulnerabilities published. That is, 38 more vulnerabilities have already been reported in 2021 as compared to last year. However, the average CVE base score of the vulnerabilities in 2021 is greater by 0.41.

Year Vulnerabilities Average Score
2021 155 6.59
2020 117 6.18
2019 266 6.30
2018 144 6.25

It may take a day or so for new Linux vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Linux Security Vulnerabilities

An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6

CVE-2021-42252 7.8 - High - October 11, 2021

An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes.

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write

CVE-2021-42008 7.8 - High - October 05, 2021

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.

Memory Corruption

prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9

CVE-2021-41864 7.8 - High - October 02, 2021

prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.

Integer Overflow or Wraparound

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization

CVE-2021-3653 8.8 - High - September 29, 2021

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.

AuthZ

A flaw was found in the Linux kernel

CVE-2021-20317 4.4 - Medium - September 27, 2021

A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.

Improper Initialization

arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs

CVE-2021-38300 7.8 - High - September 20, 2021

arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.

loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6

CVE-2021-41073 7.8 - High - September 19, 2021

loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.

Improper Privilege Management

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

CVE-2021-40490 7 - High - September 03, 2021

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

Race Condition

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54

CVE-2021-21781 3.3 - Low - August 18, 2021

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a processs memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11

Use of Uninitialized Resource

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7

CVE-2021-3635 4.4 - Medium - August 13, 2021

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.

Buffer Overflow

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add()

CVE-2021-3573 6.4 - Medium - August 13, 2021

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.

Race Condition

net/nfc/llcp_sock.c in the Linux kernel before 5.12.10

CVE-2021-38208 5.5 - Medium - August 08, 2021

net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.

NULL Pointer Dereference

arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page

CVE-2021-38198 5.5 - Medium - August 08, 2021

arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.

arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered

CVE-2021-38200 5.5 - Medium - August 08, 2021

arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a "perf record" command.

NULL Pointer Dereference

drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6

CVE-2021-38204 6.8 - Medium - August 08, 2021

drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.

Dangling pointer

drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13

CVE-2021-38207 7.5 - High - August 08, 2021

drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.

Classic Buffer Overflow

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might

CVE-2021-38202 7.5 - High - August 08, 2021

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.

Out-of-bounds Read

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which

CVE-2021-38199 6.5 - Medium - August 08, 2021

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.

net/sunrpc/xdr.c in the Linux kernel before 5.13.4

CVE-2021-38201 7.5 - High - August 08, 2021

net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.

Buffer Overflow

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism

CVE-2021-38205 3.3 - Low - August 08, 2021

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).

Access of Uninitialized Pointer

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.