It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543)
It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679)
Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732)
It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204)
It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.15.0-1096.102", "binary_name": "linux-buildinfo-4.15.0-1096-raspi2" }, { "binary_version": "4.15.0-1096.102", "binary_name": "linux-headers-4.15.0-1096-raspi2" }, { "binary_version": "4.15.0-1096.102", "binary_name": "linux-image-4.15.0-1096-raspi2" }, { "binary_version": "4.15.0-1096.102", "binary_name": "linux-image-4.15.0-1096-raspi2-dbgsym" }, { "binary_version": "4.15.0-1096.102", "binary_name": "linux-modules-4.15.0-1096-raspi2" }, { "binary_version": "4.15.0-1096.102", "binary_name": "linux-raspi2-headers-4.15.0-1096" }, { "binary_version": "4.15.0-1096.102", "binary_name": "linux-raspi2-tools-4.15.0-1096" }, { "binary_version": "4.15.0-1096.102", "binary_name": "linux-tools-4.15.0-1096-raspi2" } ] }