VYPR

linux-kernel

by Linux

CVEs (30)

  • CVE-2022-1247HigAug 31, 2022
    risk 0.46cvss 7.0epss 0.00

    An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and…

  • CVE-2022-1973HigAug 5, 2022
    risk 0.46cvss 7.1epss 0.00

    A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.

  • CVE-2021-4150MedMar 23, 2022
    risk 0.36cvss 5.5epss 0.00

    A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the lack of code cleanup when device_add call fails when adding a…

  • CVE-2021-4095MedMar 10, 2022
    risk 0.36cvss 5.5epss 0.00

    A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a…

  • CVE-2022-0494MedMar 25, 2022
    risk 0.29cvss 4.4epss 0.00

    A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

  • CVE-2022-1975MedAug 31, 2022
    risk 0.00cvss 5.5epss 0.00

    There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.

  • CVE-2022-1974MedAug 31, 2022
    risk 0.00cvss 4.1epss 0.00

    A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.

  • CVE-2022-1263MedAug 31, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

  • CVE-2022-1198MedAug 29, 2022
    risk 0.00cvss 5.5epss 0.00

    A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.

  • CVE-2022-0812MedAug 29, 2022
    risk 0.00cvss 4.3epss 0.01

    An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information.

  • CVE-2022-1852MedJun 30, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.

  • CVE-2022-1943HigJun 2, 2022
    risk 0.00cvss 7.8epss 0.00

    A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially

  • CVE-2022-1116HigMay 17, 2022
    risk 0.00cvss 7.8epss 0.01

    Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.

  • CVE-2021-4202HigMar 25, 2022
    risk 0.00cvss 7.0epss 0.00

    A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed, leading to a privilege…

  • CVE-2022-0516HigMar 10, 2022
    risk 0.00cvss 7.8epss 0.00

    A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions…

  • CVE-2021-3739HigMar 10, 2022
    risk 0.00cvss 7.1epss 0.01

    A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest…

  • CVE-2021-3744MedMar 4, 2022
    risk 0.00cvss 5.5epss 0.01

    A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.

  • CVE-2021-3609HigMar 3, 2022
    risk 0.00cvss 7.0epss 0.00

    .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege…

  • CVE-2021-3753MedFeb 16, 2022
    risk 0.00cvss 4.7epss 0.00

    A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data…

  • CVE-2022-0617MedFeb 16, 2022
    risk 0.00cvss 5.5epss 0.01

    A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.

Page 1 of 2