VYPR

Kernel

by Linux

Source repositories

CVEs (15,869)

  • CVE-2024-38394MedJun 16, 2024
    risk 0.28cvss 4.3epss 0.00

    Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB…

  • CVE-2021-47031MedFeb 28, 2024
    risk 0.28cvss 4.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix memory leak in mt7921_coredump_work Fix possible memory leak in mt7921_coredump_work.

  • CVE-2023-6121MedNov 16, 2023
    risk 0.28cvss 4.3epss 0.02

    An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the…

  • CVE-2023-47233MedNov 3, 2023
    risk 0.28cvss 4.3epss 0.00

    The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is…

  • CVE-2022-3435MedOct 8, 2022
    risk 0.28cvss 4.3epss 0.04

    A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It…

  • CVE-2010-5321MedApr 24, 2017
    risk 0.28cvss 4.3epss 0.00

    Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a…

  • CVE-2016-5400MedAug 6, 2016
    risk 0.28cvss 4.3epss 0.00

    Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV…

  • CVE-2013-7446MedDec 28, 2015
    risk 0.28cvss 5.3epss 0.01

    Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.

  • CVE-2022-50358MedSep 17, 2025
    risk 0.27cvss 4.2epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid max_flowrings from dongle When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cause kernel panic when…

  • CVE-2023-32255MedAug 2, 2025
    risk 0.27cvss 5.3epss 0.00

    A flaw was found in the Linux kernel's ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type, potentially leading to resource exhaustion.

  • CVE-2024-42229MedJul 30, 2024
    risk 0.27cvss 4.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish…

  • CVE-2024-42158MedJul 30, 2024
    risk 0.27cvss 4.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_explicit() and kfree() with kfree_sensitive() to fix warnings reported by Coccinelle: WARNING opportunity for…

  • CVE-2024-42157MedJul 30, 2024
    risk 0.27cvss 4.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copy_to_user() fails.

  • CVE-2024-42156MedJul 30, 2024
    risk 0.27cvss 4.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key.

  • CVE-2021-47534MedMay 24, 2024
    risk 0.27cvss 4.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Add missing drm_crtc_commit_put Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a global state for the HVS, with each FIFO storing the current CRTC…

  • CVE-2023-52870MedMay 21, 2024
    risk 0.27cvss 4.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.

  • CVE-2023-52862MedMay 21, 2024
    risk 0.27cvss 4.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer dereference in error message This patch fixes a null pointer dereference in the error message that is printed when the Display Core (DC) fails to initialize. The original…

  • CVE-2024-26652MedMar 27, 2024
    risk 0.27cvss 4.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: pds_core: Fix possible double free in error handling path When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), Callback function pdsc_auxbus_dev_release calls kfree(padev)…

  • CVE-2022-41848MedSep 30, 2022
    risk 0.27cvss 4.2epss 0.00

    drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.

  • CVE-2020-25656MedDec 2, 2020
    risk 0.27cvss 4.1epss 0.00

    A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data…

Page 578 of 794