{"vulnerability": "CVE-2021-3820", "sightings": [{"uuid": "2c1e444b-538e-4012-8fb9-d3dae094cd10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3820", "type": "seen", "source": "https://t.me/cibsecurity/29454", "content": "\u203c CVE-2021-3820 \u203c\n\ninflect is vulnerable to Inefficient Regular Expression Complexity\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-27T16:34:53.000000Z"}, {"uuid": "a5ab70dd-caf4-4b9d-be43-f44a42a6a445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38203", "type": "seen", "source": "https://t.me/cibsecurity/27007", "content": "\u203c CVE-2021-38203 \u203c\n\nbtrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:17.000000Z"}, {"uuid": "7c675f30-64ac-414d-a8fb-71b2d7f515bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38202", "type": "seen", "source": "https://t.me/cibsecurity/27006", "content": "\u203c CVE-2021-38202 \u203c\n\nfs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:16.000000Z"}, {"uuid": "442ddd2e-1072-4f95-a30d-75a3fea66356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38200", "type": "seen", "source": "https://t.me/cibsecurity/27005", "content": "\u203c CVE-2021-38200 \u203c\n\narch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a \"perf record\" command.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:15.000000Z"}, {"uuid": "1c3d9b5b-8068-4626-ab8b-cbe9de5edfab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38209", "type": "seen", "source": "https://t.me/cibsecurity/27002", "content": "\u203c CVE-2021-38209 \u203c\n\nnet/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:11.000000Z"}, {"uuid": "5ee51f85-fbfd-48e3-90b1-6012d42bd1e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38201", "type": "seen", "source": "https://t.me/cibsecurity/27001", "content": "\u203c CVE-2021-38201 \u203c\n\nnet/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:10.000000Z"}, {"uuid": "2f416203-543e-403c-9c49-6b25f711dabf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38206", "type": "seen", "source": "https://t.me/cibsecurity/27000", "content": "\u203c CVE-2021-38206 \u203c\n\nThe mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:06.000000Z"}, {"uuid": "d0eb8e5f-d398-433e-bc12-9dd0b1269528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38207", "type": "seen", "source": "https://t.me/cibsecurity/26998", "content": "\u203c CVE-2021-38207 \u203c\n\ndrivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:04.000000Z"}, {"uuid": "03e2ef03-d7b6-464f-8db3-ab31ada418f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38205", "type": "seen", "source": "https://t.me/cibsecurity/26997", "content": "\u203c CVE-2021-38205 \u203c\n\ndrivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:03.000000Z"}, {"uuid": "f1478c85-0dbd-4ed9-907d-764efd192663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38204", "type": "seen", "source": "https://t.me/cibsecurity/27004", "content": "\u203c CVE-2021-38204 \u203c\n\ndrivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:13.000000Z"}, {"uuid": "ccca2ccc-60c7-4489-a988-1971f869eac1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38208", "type": "seen", "source": "https://t.me/cibsecurity/27003", "content": "\u203c CVE-2021-38208 \u203c\n\nnet/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:12.000000Z"}]}