CVE-2021-4159

MEDIUM Year: 2021
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-202
View all →

Vulnerability Description

A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel.

Related Vulnerabilities

CVE-2021-34782

MEDIUM
CVSS:4.3(Medium)

A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. The attacker must have valid ...

CWE-2022021

CVE-2023-1625

MEDIUM
CVSS:5.0(Medium)

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. ...

CWE-2022023

CVE-2023-0785

LOW
CVSS:3.7(Low)

A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file check_availability.php. The ma...

CWE-2022023

CVE-2023-20215

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a ne...

CWE-2022023

CVE-2024-20388

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. ...

CWE-2022024

CVE-2024-38895

MEDIUM
CVSS:5.3(Medium)

WAVLINK WN551K1'live_mfg.shtml enables attackers to obtain sensitive router information.

CWE-2022024