VYPR

Kernel

by Linux

Source repositories

CVEs (15,869)

  • CVE-2021-47430LowMay 21, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n Commit 3c73b81a9164 ("x86/entry, selftests: Further improve user entry sanity checks") added a warning if AC is set when in the kernel. Commit …

  • CVE-2021-47317LowMay 21, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: Fix detecting BPF atomic instructions Commit 91c960b0056672 ("bpf: Rename BPF_XADD and prepare to encode other atomics in .imm") converted BPF_XADD to BPF_ATOMIC and added a way to distinguish…

  • CVE-2024-35935LowMay 19, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: btrfs: send: handle path ref underflow in header iterate_inode_ref() Change BUG_ON to proper error handling if building the path buffer fails. The pointers are not printed so we don't accidentally leak kernel…

  • CVE-2022-48668LowApr 28, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031 I also decided…

  • CVE-2022-48667LowApr 28, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup (avoiding rereading…

  • CVE-2024-26911LowApr 17, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fix alloc_range() error handling code Few users have observed display corruption when they boot the machine to KDE Plasma or playing games. We have root caused the problem that whenever…

  • CVE-2024-26764LowApr 3, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at…

  • CVE-2021-47089LowMar 4, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 (size 248): comm "cat", pid 23327, jiffies 4624670141 (age 495992.217s)…

  • CVE-2021-47000LowFeb 28, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode leak on getattr error in __fh_to_dentry

  • CVE-2021-46971LowFeb 27, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional security_locked_down() call Currently, the lockdown state is queried unconditionally, even though its result is used only if the PERF_SAMPLE_REGS_INTR bit is set in…

  • CVE-2021-46934LowFeb 27, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data…

  • CVE-2024-24861LowFeb 5, 2024
    risk 0.21cvss 3.3epss 0.00

    A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.

  • CVE-2023-39194LowOct 9, 2023
    risk 0.21cvss 3.2epss 0.00

    A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds…

  • CVE-2021-21781LowAug 18, 2021
    risk 0.21cvss 3.3epss 0.01

    An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An…

  • CVE-2021-3655LowAug 5, 2021
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.

  • CVE-2021-22555HigKEVJul 7, 2021
    risk 0.21cvss 8.3epss 0.79

    A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

  • CVE-2021-20239LowMay 28, 2021
    risk 0.21cvss 3.3epss 0.00

    A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.

  • CVE-2018-6559LowOct 26, 2018
    risk 0.21cvss 3.3epss 0.01

    The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.

  • CVE-2017-17864LowDec 27, 2017
    risk 0.21cvss 3.3epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."

  • CVE-2017-17807LowDec 20, 2017
    risk 0.21cvss 3.3epss 0.00

    The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the request_key() system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring…

Page 585 of 794