AVG-1958 log

Package linux
Status Fixed
Severity Medium
Type multiple issues
Affected 5.12.3.arch2-1
Fixed 5.12.4.arch1-1
Current 5.14.14.arch1-1 [core]
Ticket None
Created Fri May 14 15:55:19 2021
Issue Severity Remote Type Description
CVE-2021-33034 Medium No Arbitrary code execution
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing...
CVE-2021-32399 Medium No Arbitrary code execution
net/bluetooth/hci_request.c in the Linux kernel before version 5.12.4 has a race condition for removal of the HCI controller.
CVE-2021-31440 Medium No Privilege escalation
This vulnerability allows local attackers to escalate privileges on affected installations of the Linux kernel before version 5.12.4. An attacker must first...
CVE-2021-23134 Medium No Privilege escalation
A use after free security issue has been found in the Linux kernel before version 5.12.4 in the implementation of nfc sockets (in net/nfc/llcp_sock.c),...
CVE-2021-23133 Medium No Privilege escalation
A race condition was found in the Linux kernel before version 5.12.4 in sctp_destroy_sock. If sctp_destroy_sock is called without...
CVE-2021-3491 Medium No Arbitrary code execution
A security issue was found in the Linux kernel before version 5.12.4. It was discovered that the io_uring PROVIDE_BUFFERS operation allowed the MAX_RW_COUNT...
CVE-2021-3490 Medium No Arbitrary code execution
A security issue was found in the Linux kernel before version 5.12.4. It was discovered that eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR)...
CVE-2021-3489 Medium No Arbitrary code execution
A security issue was found in the Linux kernel before version 5.12.4. It was discovered that eBPF RINGBUF bpf_ringbuf_reserve did not check that the...