VYPR

Linux Kernel

by Linux

CVEs (22)

  • CVE-2024-0565MedJan 15, 2024
    risk 0.44cvss 6.8epss 0.02

    An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

  • CVE-2023-6238MedNov 21, 2023
    risk 0.44cvss 6.7epss 0.00

    A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing…

  • CVE-2023-6240MedFeb 4, 2024
    risk 0.42cvss 6.5epss 0.01

    A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.

  • CVE-2024-22099MedJan 25, 2024
    risk 0.41cvss 6.3epss 0.01

    NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.

  • CVE-2024-23850MedJan 23, 2024
    risk 0.36cvss 5.5epss 0.00

    In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.

  • CVE-2023-6679MedDec 11, 2023
    risk 0.36cvss 5.5epss 0.00

    A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.

  • CVE-2023-4569MedAug 28, 2023
    risk 0.36cvss 5.5epss 0.00

    A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.

  • CVE-2024-23307MedJan 25, 2024
    risk 0.29cvss 4.4epss 0.01

    Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.

  • CVE-2024-0340MedJan 9, 2024
    risk 0.29cvss 4.4epss 0.00

    A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local…

  • CVE-2023-7042MedDec 21, 2023
    risk 0.29cvss 4.4epss 0.00

    A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.

  • CVE-2024-21803LowJan 30, 2024
    risk 0.23cvss 3.5epss 0.01

    Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue…

  • CVE-2023-51043HigJan 23, 2024
    risk 0.00cvss 7.0epss 0.00

    In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.

  • CVE-2024-23849MedJan 23, 2024
    risk 0.00cvss 5.5epss 0.00

    In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access.

  • CVE-2023-51781HigJan 11, 2024
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition.

  • CVE-2023-51780HigJan 11, 2024
    risk 0.00cvss 7.0epss 0.01

    An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.

  • CVE-2023-50431MedDec 9, 2023
    risk 0.00cvss 5.5epss 0.00

    sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 is not initialized.

  • CVE-2023-6039MedNov 9, 2023
    risk 0.00cvss 5.5epss 0.00

    A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches.

  • CVE-2023-4385MedAug 16, 2023
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check.

  • CVE-2023-26545MedFeb 25, 2023
    risk 0.00cvss 4.7epss 0.00

    In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

  • CVE-2022-34495MedJun 26, 2022
    risk 0.00cvss 5.5epss 0.00

    rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.

Page 1 of 2