VYPR

Kernel

by Linux

Source repositories

CVEs (15,817)

  • CVE-2022-2977HigSep 14, 2022
    risk 0.00cvss 7.8epss 0.00

    A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate…

  • CVE-2022-3202HigSep 14, 2022
    risk 0.00cvss 7.1epss 0.00

    A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information.

  • CVE-2022-3170HigSep 13, 2022
    risk 0.00cvss 7.8epss 0.00

    An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially…

  • CVE-2022-3077MedSep 9, 2022
    risk 0.00cvss 5.5epss 0.00

    A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicious input data. This flaw could allow a local user to crash the system.

  • CVE-2022-40307MedSep 9, 2022
    risk 0.00cvss 4.7epss 0.00

    An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.

  • CVE-2022-39842MedSep 5, 2022
    risk 0.00cvss 6.1epss 0.01

    An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third…

  • CVE-2022-39190MedSep 2, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.

  • CVE-2022-39189HigSep 2, 2022
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.

  • CVE-2022-39188MedSep 2, 2022
    risk 0.00cvss 4.7epss 0.00

    An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.

  • CVE-2022-3078MedSep 1, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc() and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c.

  • CVE-2022-1729HigSep 1, 2022
    risk 0.00cvss 7.0epss 0.00

    A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.

  • CVE-2022-3061MedSep 1, 2022
    risk 0.00cvss 5.5epss 0.00

    Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error.

  • CVE-2020-27784MedSep 1, 2022
    risk 0.00cvss 5.5epss 0.00

    A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free().

  • CVE-2022-3028HigAug 31, 2022
    risk 0.00cvss 7.0epss 0.00

    A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory…

  • CVE-2022-2153MedAug 31, 2022
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific…

  • CVE-2022-1975MedAug 31, 2022
    risk 0.00cvss 5.5epss 0.00

    There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.

  • CVE-2022-1974MedAug 31, 2022
    risk 0.00cvss 4.1epss 0.00

    A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.

  • CVE-2022-1508MedAug 31, 2022
    risk 0.00cvss 6.1epss 0.00

    An out-of-bounds read flaw was found in the Linux kernel’s io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds.

  • CVE-2022-1263MedAug 31, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

  • CVE-2022-1205MedAug 31, 2022
    risk 0.00cvss 4.7epss 0.00

    A NULL pointer dereference flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.

Page 710 of 791