VYPR

Kernel

by Linux

Source repositories

CVEs (15,818)

  • CVE-2024-36913HigMay 30, 2024
    risk 0.53cvss 8.1epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned…

  • CVE-2024-36912HigMay 30, 2024
    risk 0.53cvss 8.1epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and…

  • CVE-2021-47368HigMay 21, 2024
    risk 0.53cvss 8.1epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint irq_set_affinity_hit() stores a reference to the cpumask_t parameter in the irq descriptor, and that reference can be accessed later from…

  • CVE-2021-47023HigFeb 28, 2024
    risk 0.53cvss 8.2epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix port event handling on init For some reason there might be a crash during ports creation if port events are handling at the same time because fw may send initial port event with…

  • CVE-2023-39191HigOct 4, 2023
    risk 0.53cvss 8.2epss 0.01

    An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to…

  • CVE-2023-32258HigJul 24, 2023
    risk 0.53cvss 8.1epss 0.03

    A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_LOGOFF and SMB2_CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker…

  • CVE-2023-32257HigJul 24, 2023
    risk 0.53cvss 8.1epss 0.02

    A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An…

  • CVE-2020-14305HigDec 2, 2020
    risk 0.53cvss 8.1epss 0.05

    An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest…

  • CVE-2019-19770HigDec 12, 2019
    risk 0.53cvss 8.2epss 0.02

    In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE:…

  • CVE-2018-18559HigOct 22, 2018
    risk 0.53cvss 8.1epss 0.03

    In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code…

  • CVE-2016-3707HigJun 27, 2016
    risk 0.53cvss 8.1epss 0.03

    The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands…

  • CVE-2011-3188CriMay 24, 2012
    risk 0.53cvss 9.1epss 0.06

    The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network…

  • CVE-2011-2189HigOct 10, 2011
    risk 0.53cvss 7.5epss 0.18

    net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires…

  • CVE-2004-0816HigDec 23, 2004
    risk 0.53cvss 7.5epss 0.12

    Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.

  • CVE-2026-46266CriJun 3, 2026
    risk 0.52cvss 9.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP Yizhou Zhao reported that simply having one RAW socket on protocol IPPROTO_RAW (255) was dangerous. socket(AF_INET, SOCK_RAW, 255); A malicious…

  • CVE-2026-46244CriJun 3, 2026
    risk 0.52cvss 9.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IPv6 inner_thoff desync In nft_inner_parse_l2l3(), when processing inner IPv6 packets, ipv6_find_hdr() correctly computes the transport header offset traversing all extension headers,…

  • CVE-2026-46185CriMay 28, 2026
    risk 0.52cvss 9.1epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlink_data() Since smb2_check_message() returns success without length validation for the symlink error response, in symlink_data() it is possible for iov->iov_len to be…

  • CVE-2026-46155CriMay 28, 2026
    risk 0.52cvss 9.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2_compound_op() If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, check_wsl_eas() returns success without…

  • CVE-2026-46119CriMay 28, 2026
    risk 0.52cvss 9.1epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY contains a positive value in its result field, it is treated as an error code…

  • CVE-2026-46043CriMay 27, 2026
    risk 0.52cvss 9.1epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv rxe_rcv() currently checks only that the incoming packet is at least header_size(pkt) bytes long before payload_size() is used. However,…

Page 12 of 791