CVE-2021-0961

MEDIUM Year: 2021
CVSS v3 Score
4.4
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-909
View all →

Vulnerability Description

In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196046570References: Upstream kernel

Related Vulnerabilities

CVE-2019-19536

MEDIUM
CVSS:4.6(Medium)

In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.

CWE-9092019

CVE-2020-20739

MEDIUM
CVSS:5.3(Medium)

im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.

CWE-9092020

CVE-2020-25579

MEDIUM
CVSS:5.3(Medium)

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs(5) was failing to zero-fill a pair of padding fiel...

CWE-9092020

CVE-2021-22482

MEDIUM
CVSS:5.3(Medium)

There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data.

CWE-9092021

CVE-2024-32945

MEDIUM
CVSS:5.3(Medium)

Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with...

CWE-9092024

CVE-2017-0730

MEDIUM
CVSS:5.5(Medium)

A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36279112.

CWE-9092017