VYPR

Kernel

by Linux

Source repositories

CVEs (15,869)

  • CVE-2022-0185HigKEVFeb 11, 2022
    risk 0.14cvss 8.4epss 0.25

    A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs…

  • CVE-2024-42155LowJul 30, 2024
    risk 0.12cvss 1.9epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all…

  • CVE-2023-0266HigKEVJan 30, 2023
    risk 0.12cvss 7.9epss 0.04

    A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend…

  • CVE-2021-22600MedKEVJan 26, 2022
    risk 0.12cvss 6.6epss 0.06

    A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755

  • CVE-2003-0001Jan 17, 2003
    risk 0.09cvss epss 0.73

    Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

  • CVE-1999-0513Jan 5, 1998
    risk 0.09cvss epss 0.70

    ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

  • CVE-1999-0128Dec 18, 1996
    risk 0.09cvss epss 0.74

    Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.

  • CVE-2019-11478MedJun 19, 2019
    risk 0.08cvss 5.3epss 0.95

    Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been…

  • CVE-2019-11477HigJun 19, 2019
    risk 0.08cvss 7.5epss 0.99

    Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel…

  • CVE-2015-8569LowDec 28, 2015
    risk 0.08cvss 2.3epss 0.00

    The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted…

  • CVE-2015-7885LowDec 28, 2015
    risk 0.08cvss 2.3epss 0.00

    The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

  • CVE-2015-7884LowDec 28, 2015
    risk 0.08cvss 2.3epss 0.00

    The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

  • CVE-2019-11479HigJun 19, 2019
    risk 0.07cvss 7.5epss 0.92

    Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been…

  • CVE-2023-0210HigMar 27, 2023
    risk 0.06cvss 7.5epss 0.72

    A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.

  • CVE-2018-5390HigAug 6, 2018
    risk 0.06cvss 7.5epss 0.74

    Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

  • CVE-2022-47938MedDec 23, 2022
    risk 0.05cvss 6.5epss 0.58

    An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.

  • CVE-2021-43267CriNov 2, 2021
    risk 0.05cvss 9.8epss 0.58

    An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.

  • CVE-2021-3490HigJun 4, 2021
    risk 0.05cvss 7.8epss 0.27

    The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit…

  • CVE-2010-1173May 7, 2010
    risk 0.05cvss epss 0.21

    The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a…

  • CVE-2006-2444May 25, 2006
    risk 0.05cvss epss 0.21

    The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees…

Page 587 of 794