VYPR

Kernel

by Linux

Source repositories

CVEs (15,537)

  • CVE-2019-10126CriJun 14, 2019
    risk 0.64cvss 9.8epss 0.07

    A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.

  • CVE-2018-5703CriJan 16, 2018
    risk 0.64cvss 9.8epss 0.03

    The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS.

  • CVE-2017-6211CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of a downlink supplementary services message, a buffer overflow can occur.

  • CVE-2017-14909CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a count value that is read from a file is not properly validated.

  • CVE-2017-13715CriAug 29, 2017
    risk 0.64cvss 9.8epss 0.10

    The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a…

  • CVE-2016-10343CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak.

  • CVE-2017-12762CriAug 9, 2017
    risk 0.64cvss 9.8epss 0.05

    In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.

  • CVE-2017-5897CriMar 23, 2017
    risk 0.64cvss 9.8epss 0.05

    The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.

  • CVE-2016-8459CriJan 12, 2017
    risk 0.64cvss 9.8epss 0.02

    Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462.

  • CVE-2016-8440CriJan 12, 2017
    risk 0.64cvss 9.8epss 0.02

    Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. References: QC-CR#1036747.

  • CVE-2016-8439CriJan 12, 2017
    risk 0.64cvss 9.8epss 0.02

    Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR#1027804.

  • CVE-2016-8438CriJan 12, 2017
    risk 0.64cvss 9.8epss 0.02

    Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638.

  • CVE-2016-8437CriJan 12, 2017
    risk 0.64cvss 9.8epss 0.02

    Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695.

  • CVE-2016-8398CriJan 12, 2017
    risk 0.64cvss 9.8epss 0.02

    Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. References: QC-CR#877705.

  • CVE-2016-9555CriNov 28, 2016
    risk 0.64cvss 9.8epss 0.09

    The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted…

  • CVE-2016-5343CriOct 10, 2016
    risk 0.64cvss 9.8epss 0.03

    drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly…

  • CVE-2016-5344CriAug 30, 2016
    risk 0.64cvss 9.8epss 0.02

    Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified other impact via a large size…

  • CVE-2015-0573CriAug 7, 2016
    risk 0.64cvss 9.8epss 0.02

    drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly…

  • CVE-2014-9410CriAug 7, 2016
    risk 0.64cvss 9.8epss 0.01

    The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate a certain id value, which allows…

  • CVE-2022-0435HigMar 25, 2022
    risk 0.63cvss 8.8epss 0.68

    A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly…

Page 2 of 777