Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/188180?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/188180?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1", "type": "alpm", "namespace": "archlinux", "name": "linux-zen", "version": "5.11.11.zen1-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "5.11.12.arch1-1", "latest_non_vulnerable_version": "6.2-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80585?format=api", "vulnerability_id": "VCID-d1jg-6ybb-tyhj", "summary": "arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a VMCB12 double fetch in nested_svm_vmrun.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29657.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29657.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29657", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15003", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14918", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29657" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29657" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995153", "reference_id": "1995153", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995153" }, { "reference_url": "https://security.archlinux.org/AVG-1764", "reference_id": "AVG-1764", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1764" }, { "reference_url": "https://security.archlinux.org/AVG-1766", "reference_id": "AVG-1766", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1766" }, { "reference_url": "https://security.archlinux.org/AVG-1767", "reference_id": "AVG-1767", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1767" }, { "reference_url": "https://security.archlinux.org/AVG-1797", "reference_id": "AVG-1797", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4356", "reference_id": "RHSA-2021:4356", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4356" }, { "reference_url": "https://usn.ubuntu.com/4948-1/", "reference_id": "USN-4948-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4948-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/188181?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.12.arch1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.12.arch1-1" } ], "aliases": [ "CVE-2021-29657" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d1jg-6ybb-tyhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80603?format=api", "vulnerability_id": "VCID-g8bg-81c1-6ke7", "summary": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3483.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3483.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3483", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37597", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37504", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045", "reference_id": "1948045", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045" }, { "reference_url": "https://security.archlinux.org/AVG-1764", "reference_id": "AVG-1764", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1764" }, { "reference_url": "https://security.archlinux.org/AVG-1766", "reference_id": "AVG-1766", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1766" }, { "reference_url": "https://security.archlinux.org/AVG-1767", "reference_id": "AVG-1767", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1767" }, { "reference_url": "https://security.archlinux.org/AVG-1797", "reference_id": "AVG-1797", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1797" }, { "reference_url": "https://usn.ubuntu.com/4948-1/", "reference_id": "USN-4948-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4948-1/" }, { "reference_url": "https://usn.ubuntu.com/4979-1/", "reference_id": "USN-4979-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4979-1/" }, { "reference_url": "https://usn.ubuntu.com/4982-1/", "reference_id": "USN-4982-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4982-1/" }, { "reference_url": "https://usn.ubuntu.com/4984-1/", "reference_id": "USN-4984-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4984-1/" }, { "reference_url": "https://usn.ubuntu.com/5299-1/", "reference_id": "USN-5299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5299-1/" }, { "reference_url": "https://usn.ubuntu.com/5343-1/", "reference_id": "USN-5343-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5343-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/188181?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.12.arch1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.12.arch1-1" } ], "aliases": [ "CVE-2021-3483" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g8bg-81c1-6ke7" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80579?format=api", "vulnerability_id": "VCID-128q-czk4-1few", "summary": "An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29264.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29264.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27735", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27668", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29264" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944689", "reference_id": "1944689", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944689" }, { "reference_url": "https://security.archlinux.org/AVG-1747", "reference_id": "AVG-1747", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1747" }, { "reference_url": "https://security.archlinux.org/AVG-1748", "reference_id": "AVG-1748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1748" }, { "reference_url": "https://security.archlinux.org/AVG-1749", "reference_id": "AVG-1749", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1749" }, { "reference_url": "https://security.archlinux.org/AVG-1750", "reference_id": "AVG-1750", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1750" }, { "reference_url": "https://usn.ubuntu.com/4946-1/", "reference_id": "USN-4946-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4946-1/" }, { "reference_url": "https://usn.ubuntu.com/4948-1/", "reference_id": "USN-4948-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4948-1/" }, { "reference_url": "https://usn.ubuntu.com/4949-1/", "reference_id": "USN-4949-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4949-1/" }, { "reference_url": "https://usn.ubuntu.com/4982-1/", "reference_id": "USN-4982-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4982-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/188180?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d1jg-6ybb-tyhj" }, { "vulnerability": "VCID-g8bg-81c1-6ke7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1" } ], "aliases": [ "CVE-2021-29264" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-128q-czk4-1few" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80583?format=api", "vulnerability_id": "VCID-2ycs-6wtr-fkbv", "summary": "An issue was discovered in the Linux kernel before 5.11.11. The user mode driver (UMD) has a copy_process() memory leak, related to a lack of cleanup steps in kernel/usermode_driver.c and kernel/bpf/preload/bpf_preload_kern.c, aka CID-f60a85cad677.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29649.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29649.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29649", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30117", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29649" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945379", "reference_id": "1945379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945379" }, { "reference_url": "https://security.archlinux.org/AVG-1747", "reference_id": "AVG-1747", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1747" }, { "reference_url": "https://security.archlinux.org/AVG-1748", "reference_id": "AVG-1748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1748" }, { "reference_url": "https://security.archlinux.org/AVG-1749", "reference_id": "AVG-1749", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1749" }, { "reference_url": "https://security.archlinux.org/AVG-1750", "reference_id": "AVG-1750", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1750" }, { "reference_url": "https://usn.ubuntu.com/4948-1/", "reference_id": "USN-4948-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4948-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/188180?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d1jg-6ybb-tyhj" }, { "vulnerability": "VCID-g8bg-81c1-6ke7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1" } ], "aliases": [ "CVE-2021-29649" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ycs-6wtr-fkbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80581?format=api", "vulnerability_id": "VCID-65xn-urcq-bfge", "summary": "An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29646.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29646.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29646", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28167", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28096", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29646" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29646" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945345", "reference_id": "1945345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945345" }, { "reference_url": "https://security.archlinux.org/AVG-1747", "reference_id": "AVG-1747", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1747" }, { "reference_url": "https://security.archlinux.org/AVG-1748", "reference_id": "AVG-1748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1748" }, { "reference_url": "https://security.archlinux.org/AVG-1749", "reference_id": "AVG-1749", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1749" }, { "reference_url": "https://security.archlinux.org/AVG-1750", "reference_id": "AVG-1750", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4140", "reference_id": "RHSA-2021:4140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4356", "reference_id": "RHSA-2021:4356", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4356" }, { "reference_url": "https://usn.ubuntu.com/4947-1/", "reference_id": "USN-4947-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4947-1/" }, { "reference_url": "https://usn.ubuntu.com/4948-1/", "reference_id": "USN-4948-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4948-1/" }, { "reference_url": "https://usn.ubuntu.com/4949-1/", "reference_id": "USN-4949-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4949-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/188180?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d1jg-6ybb-tyhj" }, { "vulnerability": "VCID-g8bg-81c1-6ke7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1" } ], "aliases": [ "CVE-2021-29646" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-65xn-urcq-bfge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80584?format=api", "vulnerability_id": "VCID-gv7d-f48b-v3h5", "summary": "An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29650.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29650.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0964", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.096", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29650" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29650", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29650" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945388", "reference_id": "1945388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945388" }, { "reference_url": "https://security.archlinux.org/AVG-1747", "reference_id": "AVG-1747", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1747" }, { "reference_url": "https://security.archlinux.org/AVG-1748", "reference_id": "AVG-1748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1748" }, { "reference_url": "https://security.archlinux.org/AVG-1749", "reference_id": "AVG-1749", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1749" }, { "reference_url": "https://security.archlinux.org/AVG-1750", "reference_id": "AVG-1750", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3327", "reference_id": "RHSA-2021:3327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3328", "reference_id": "RHSA-2021:3328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4140", "reference_id": "RHSA-2021:4140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4356", "reference_id": "RHSA-2021:4356", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4356" }, { "reference_url": "https://usn.ubuntu.com/4945-1/", "reference_id": "USN-4945-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4945-1/" }, { "reference_url": "https://usn.ubuntu.com/4945-2/", "reference_id": "USN-4945-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4945-2/" }, { "reference_url": "https://usn.ubuntu.com/4946-1/", "reference_id": "USN-4946-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4946-1/" }, { "reference_url": "https://usn.ubuntu.com/4947-1/", "reference_id": "USN-4947-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4947-1/" }, { "reference_url": "https://usn.ubuntu.com/4948-1/", "reference_id": "USN-4948-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4948-1/" }, { "reference_url": "https://usn.ubuntu.com/4949-1/", "reference_id": "USN-4949-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4949-1/" }, { "reference_url": "https://usn.ubuntu.com/5343-1/", "reference_id": "USN-5343-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5343-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/188180?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d1jg-6ybb-tyhj" }, { "vulnerability": "VCID-g8bg-81c1-6ke7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1" } ], "aliases": [ "CVE-2021-29650" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gv7d-f48b-v3h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80582?format=api", "vulnerability_id": "VCID-jdfn-dr1d-fyfr", "summary": "An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29647.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29647.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29647", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26353", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26249", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29647" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945361", "reference_id": "1945361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945361" }, { "reference_url": "https://security.archlinux.org/AVG-1747", "reference_id": "AVG-1747", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1747" }, { "reference_url": "https://security.archlinux.org/AVG-1748", "reference_id": "AVG-1748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1748" }, { "reference_url": "https://security.archlinux.org/AVG-1749", "reference_id": "AVG-1749", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1749" }, { "reference_url": "https://security.archlinux.org/AVG-1750", "reference_id": "AVG-1750", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1750" }, { "reference_url": "https://usn.ubuntu.com/4948-1/", "reference_id": "USN-4948-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4948-1/" }, { "reference_url": "https://usn.ubuntu.com/4979-1/", "reference_id": "USN-4979-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4979-1/" }, { "reference_url": "https://usn.ubuntu.com/4982-1/", "reference_id": "USN-4982-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4982-1/" }, { "reference_url": "https://usn.ubuntu.com/4984-1/", "reference_id": "USN-4984-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4984-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/188180?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d1jg-6ybb-tyhj" }, { "vulnerability": "VCID-g8bg-81c1-6ke7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1" } ], "aliases": [ "CVE-2021-29647" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jdfn-dr1d-fyfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6877?format=api", "vulnerability_id": "VCID-pyc3-f5f2-gydb", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29648.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29648.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29648", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28704", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28777", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29648" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945373", "reference_id": "1945373", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945373" }, { "reference_url": "https://security.archlinux.org/AVG-1741", "reference_id": "AVG-1741", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1741" }, { "reference_url": "https://security.archlinux.org/AVG-1747", "reference_id": "AVG-1747", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1747" }, { "reference_url": "https://security.archlinux.org/AVG-1748", "reference_id": "AVG-1748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1748" }, { "reference_url": "https://security.archlinux.org/AVG-1749", "reference_id": "AVG-1749", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1749" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/188180?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d1jg-6ybb-tyhj" }, { "vulnerability": "VCID-g8bg-81c1-6ke7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1" } ], "aliases": [ "CVE-2021-29648" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pyc3-f5f2-gydb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80560?format=api", "vulnerability_id": "VCID-tdfn-61ey-1fap", "summary": "The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28688", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32459", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32531", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28688" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-1747", "reference_id": "AVG-1747", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1747" }, { "reference_url": "https://security.archlinux.org/AVG-1748", "reference_id": "AVG-1748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1748" }, { "reference_url": "https://security.archlinux.org/AVG-1749", "reference_id": "AVG-1749", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1749" }, { "reference_url": "https://security.archlinux.org/AVG-1750", "reference_id": "AVG-1750", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1750" }, { "reference_url": "https://usn.ubuntu.com/4946-1/", "reference_id": "USN-4946-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4946-1/" }, { "reference_url": "https://usn.ubuntu.com/4948-1/", "reference_id": "USN-4948-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4948-1/" }, { "reference_url": "https://usn.ubuntu.com/4982-1/", "reference_id": "USN-4982-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4982-1/" }, { "reference_url": "https://usn.ubuntu.com/4984-1/", "reference_id": "USN-4984-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4984-1/" }, { "reference_url": "https://usn.ubuntu.com/5343-1/", "reference_id": "USN-5343-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5343-1/" }, { "reference_url": "https://xenbits.xen.org/xsa/advisory-371.html", "reference_id": "XSA-371", "reference_type": "", "scores": [], "url": "https://xenbits.xen.org/xsa/advisory-371.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/188180?format=api", "purl": "pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d1jg-6ybb-tyhj" }, { "vulnerability": "VCID-g8bg-81c1-6ke7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1" } ], "aliases": [ "CVE-2021-28688" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tdfn-61ey-1fap" } ], "risk_score": "3.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux-zen@5.11.11.zen1-1" }