The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2021-3984 | vim is vulnerable to Heap-based Buffer Overflow | MEDIUM | Dec 3, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2019-8922 | A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer. There are no size checks whatsoever, resulting in a simple heap overflow if one can craft a request where the response is large enough to overflow the preallocated buffer. This issue exists in service_attr_req gets called by process_request (in sdpd-request.c), which also allocates the response buffer. | MEDIUM | Dec 3, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-43975 | In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. | MEDIUM | Nov 19, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-43618 | GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. | MEDIUM | Nov 16, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-33098 | Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. | MEDIUM | Nov 17, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-21707 | In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended. | MEDIUM | Nov 19, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-3974 | vim is vulnerable to Use After Free | MEDIUM | Nov 19, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-42386 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function | MEDIUM | Nov 11, 2021 | 10.19.45.22 (Wind River Linux LTS 19) |
CVE-2021-42385 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function | MEDIUM | Nov 11, 2021 | 10.19.45.22 (Wind River Linux LTS 19) |
CVE-2021-42384 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function | MEDIUM | Nov 11, 2021 | 10.19.45.22 (Wind River Linux LTS 19) |
CVE-2021-42383 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function | MEDIUM | Nov 11, 2021 | 10.19.45.22 (Wind River Linux LTS 19) |
CVE-2021-42382 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function | MEDIUM | Nov 11, 2021 | 10.19.45.22 (Wind River Linux LTS 19) |
CVE-2021-42381 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function | MEDIUM | Nov 11, 2021 | 10.19.45.22 (Wind River Linux LTS 19) |
CVE-2021-42380 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function | MEDIUM | Nov 11, 2021 | 10.19.45.22 (Wind River Linux LTS 19) |
CVE-2021-42379 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function | MEDIUM | Nov 11, 2021 | 10.19.45.22 (Wind River Linux LTS 19) |
CVE-2021-42378 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function | MEDIUM | Nov 11, 2021 | 10.19.45.22 (Wind River Linux LTS 19) |
CVE-2021-23222 | A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. | MEDIUM | Nov 9, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-23214 | When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. | MEDIUM | Nov 9, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2020-25722 | Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise. | MEDIUM | Nov 11, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2020-25721 | Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets. | MEDIUM | Nov 11, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2020-23903 | A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. | MEDIUM | Nov 11, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-43400 | An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call. | MEDIUM | Nov 5, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-43396 | In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug. | MEDIUM | Nov 4, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-3928 | vim is vulnerable to Use of Uninitialized Variable | MEDIUM | Nov 5, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-3927 | vim is vulnerable to Heap-based Buffer Overflow | MEDIUM | Nov 5, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-0920 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-196926917. References: Upstream kernel | MEDIUM | Nov 5, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2020-27820 | A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if unbind the driver). | MEDIUM | Nov 4, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-43056 | An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. | MEDIUM | Oct 28, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-41771 | ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. | MEDIUM | Oct 29, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-25219 | In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing. | MEDIUM | Oct 29, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-3903 | vim is vulnerable to Heap-based Buffer Overflow | MEDIUM | Oct 28, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-3802 | A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. | MEDIUM | Oct 27, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-42739 | The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | MEDIUM | Oct 20, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-41990 | The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur. | MEDIUM | Oct 21, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-35604 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | MEDIUM | Oct 22, 2021 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2021-20322 | A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. | MEDIUM | Oct 20, 2021 | 10.19.45.21 (Wind River Linux LTS 19) |
CVE-2021-3872 | vim is vulnerable to Heap-based Buffer Overflow | MEDIUM | Oct 23, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-42252 | An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes. | MEDIUM | Oct 12, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-20321 | A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | MEDIUM | Oct 18, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-3875 | vim is vulnerable to Heap-based Buffer Overflow | MEDIUM | Oct 15, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-42008 | The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. | MEDIUM | Oct 5, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-41864 | prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. | MEDIUM | Oct 9, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-41099 | Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len configuration parameter to a very large value and constructing specially crafted network payloads or commands. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the proto-max-bulk-len configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command. | MEDIUM | Oct 4, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-41092 | Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH. | MEDIUM | Oct 7, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-41091 | Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers should be stopped and restarted for the permissions to be fixed. For users unable to upgrade limit access to the host to trusted users. Limit access to host volumes to trusted containers. | MEDIUM | Oct 5, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-41089 | Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the host’s filesystem, widening access to others. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers do not need to be restarted. | MEDIUM | Oct 7, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-32687 | Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the default set-max-intset-entries configuration parameter to a very large value and constructing specially crafted commands to manipulate sets. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the set-max-intset-entries configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command. | MEDIUM | Oct 4, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-32675 | Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways: Using network access control tools like firewalls, iptables, security groups, etc. or Enabling TLS and requiring users to authenticate using client side certificates. | MEDIUM | Oct 4, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-32672 | Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. | MEDIUM | Oct 8, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |
CVE-2021-32628 | Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the default ziplist configuration parameters (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value) to a very large value, and then constructing specially crafted commands to create very large ziplists. The problem is fixed in Redis versions 6.2.6, 6.0.16, 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the above configuration parameters. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command. | MEDIUM | Oct 4, 2021 | 10.19.45.20 (Wind River Linux LTS 19) |