VYPR

Kernel

by Linux

Source repositories

CVEs (15,869)

  • CVE-2016-10208MedFeb 6, 2017
    risk 0.21cvss 4.3epss 0.00

    The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.

  • CVE-2026-53342modJul 1, 2026
    risk 0.19cvss epss 0.00

    kernel: arm64: mm: call pagetable dtor when freeing hot-removed page tables

  • CVE-2019-19073MedNov 18, 2019
    risk 0.19cvss 4.0epss 0.01

    Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the…

  • CVE-2019-13272HigKEVJul 17, 2019
    risk 0.19cvss 7.8epss 0.52

    In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process…

  • CVE-2016-0823MedMar 12, 2016
    risk 0.19cvss 4.0epss 0.00

    The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721.

  • CVE-2015-8575MedFeb 8, 2016
    risk 0.19cvss 4.0epss 0.01

    The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

  • CVE-2015-8374MedDec 28, 2015
    risk 0.19cvss 4.0epss 0.01

    fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.

  • CVE-2023-32251LowJul 31, 2025
    risk 0.17cvss 3.7epss 0.00

    A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This…

  • CVE-2023-52746LowMay 21, 2024
    risk 0.16cvss 2.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() int type = nla_type(nla); if (type > XFRMA_MAX) { return -EOPNOTSUPP; } @type is then used as an array index and can…

  • CVE-2023-52620LowMar 21, 2024
    risk 0.16cvss 2.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters.

  • CVE-2023-0386HigKEVMar 22, 2023
    risk 0.16cvss 7.8epss 0.08

    A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a…

  • CVE-2019-11191LowApr 12, 2019
    risk 0.16cvss 2.5epss 0.01

    The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the…

  • CVE-2021-47440LowMay 22, 2024
    risk 0.15cvss 2.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devm_regmap_init_encx24j600 devm_regmap_init may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing…

  • CVE-2021-3923LowMar 27, 2023
    risk 0.15cvss 2.3epss 0.00

    A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user…

  • CVE-2018-1118LowMay 10, 2018
    risk 0.15cvss 2.3epss 0.00

    Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading…

  • CVE-2026-46057LowMay 27, 2026
    risk 0.14cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork() hook_cred_transfer() only copies the Landlock security blob when the source credential has a domain. This is inconsistent with…

  • CVE-2024-41027LowJul 29, 2024
    risk 0.14cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: Fix userfaultfd_api to return EINVAL as expected Currently if we request a feature that is not set in the Kernel config we fail silently and return all the available features. However, the man page indicates…

  • CVE-2024-41007LowJul 15, 2024
    risk 0.14cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero, tcp_retransmit_timer() can retransmit a packet every two jiffies (2 ms for…

  • CVE-2024-26992LowMay 1, 2024
    risk 0.14cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS, as KVM's implementation is architecturally broken without an obvious/easy path forward, and because exposing…

  • CVE-2020-36766LowSep 18, 2023
    risk 0.14cvss 3.3epss 0.00

    An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the struct.

Page 586 of 794