Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002)
It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001)
Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739)
It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "5.10.0-1053.55", "binary_name": "linux-buildinfo-5.10.0-1053-oem" }, { "binary_version": "5.10.0-1053.55", "binary_name": "linux-headers-5.10.0-1053-oem" }, { "binary_version": "5.10.0-1053.55", "binary_name": "linux-image-unsigned-5.10.0-1053-oem" }, { "binary_version": "5.10.0-1053.55", "binary_name": "linux-image-unsigned-5.10.0-1053-oem-dbgsym" }, { "binary_version": "5.10.0-1053.55", "binary_name": "linux-modules-5.10.0-1053-oem" }, { "binary_version": "5.10.0-1053.55", "binary_name": "linux-oem-5.10-headers-5.10.0-1053" }, { "binary_version": "5.10.0-1053.55", "binary_name": "linux-oem-5.10-tools-5.10.0-1053" }, { "binary_version": "5.10.0-1053.55", "binary_name": "linux-oem-5.10-tools-host" }, { "binary_version": "5.10.0-1053.55", "binary_name": "linux-tools-5.10.0-1053-oem" } ] }