In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
Max CVSS
3.5
EPSS Score
0.05%
Published
2021-12-25
Updated
2023-02-24
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
Max CVSS
7.5
EPSS Score
0.08%
Published
2021-12-25
Updated
2023-02-24
An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.
Max CVSS
5.5
EPSS Score
0.05%
Published
2021-12-24
Updated
2022-04-06
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
Max CVSS
7.8
EPSS Score
0.07%
Published
2021-12-23
Updated
2022-04-06
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
Max CVSS
5.5
EPSS Score
0.05%
Published
2021-12-16
Updated
2022-04-06
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
Max CVSS
7.0
EPSS Score
0.12%
Published
2021-12-22
Updated
2024-03-25
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-12-08
Updated
2022-04-05
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!