Show filters
152 Total Results
Displaying 71-80 of 152
Sort by:
Attacker Value
Unknown
CVE-2018-25020
Disclosure Date: December 08, 2021 (last updated February 23, 2025)
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.
0
Attacker Value
Unknown
CVE-2021-43976
Disclosure Date: November 17, 2021 (last updated October 07, 2023)
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
0
Attacker Value
Unknown
CVE-2021-43975
Disclosure Date: November 17, 2021 (last updated February 23, 2025)
In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
0
Attacker Value
Unknown
CVE-2021-42377
Disclosure Date: November 15, 2021 (last updated February 23, 2025)
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input.
0
Attacker Value
Unknown
CVE-2021-42376
Disclosure Date: November 15, 2021 (last updated February 23, 2025)
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.
0
Attacker Value
Unknown
CVE-2021-42375
Disclosure Date: November 15, 2021 (last updated February 23, 2025)
An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.
0
Attacker Value
Unknown
CVE-2021-42374
Disclosure Date: November 15, 2021 (last updated February 23, 2025)
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that
0
Attacker Value
Unknown
CVE-2021-42373
Disclosure Date: November 15, 2021 (last updated February 23, 2025)
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
0
Attacker Value
Unknown
CVE-2017-5123
Disclosure Date: November 02, 2021 (last updated February 23, 2025)
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.
0
Attacker Value
Unknown
CVE-2021-43057
Disclosure Date: October 28, 2021 (last updated February 23, 2025)
An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the subjective credentials of another task.
0