VYPR

Kernel

by Linux

Source repositories

CVEs (15,817)

  • CVE-2022-1651HigJul 26, 2022
    risk 0.00cvss 7.1epss 0.00

    A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.

  • CVE-2022-2327HigJul 22, 2022
    risk 0.00cvss 7.5epss 0.00

    io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to…

  • CVE-2020-36558MedJul 21, 2022
    risk 0.00cvss 5.1epss 0.00

    A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.

  • CVE-2020-36557MedJul 21, 2022
    risk 0.00cvss 5.1epss 0.00

    A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.

  • CVE-2021-33655MedJul 18, 2022
    risk 0.00cvss 6.7epss 0.00

    When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.

  • CVE-2021-4135MedJul 14, 2022
    risk 0.00cvss 5.5epss 0.00

    A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.

  • CVE-2022-2380MedJul 13, 2022
    risk 0.00cvss 5.5epss 0.00

    The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.

  • CVE-2022-2318MedJul 6, 2022
    risk 0.00cvss 5.5epss 0.00

    There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.

  • CVE-2022-2078MedJun 30, 2022
    risk 0.00cvss 5.5epss 0.01

    A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.

  • CVE-2022-1852MedJun 30, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.

  • CVE-2022-34495MedJun 26, 2022
    risk 0.00cvss 5.5epss 0.00

    rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.

  • CVE-2022-34494MedJun 26, 2022
    risk 0.00cvss 5.5epss 0.00

    rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.

  • CVE-2022-33981LowJun 18, 2022
    risk 0.00cvss 3.3epss 0.01

    drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.

  • CVE-2022-32981HigJun 10, 2022
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.

  • CVE-2022-1998HigJun 9, 2022
    risk 0.00cvss 7.8epss 0.00

    A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

  • CVE-2022-32296LowJun 5, 2022
    risk 0.00cvss 3.3epss 0.00

    The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.

  • CVE-2022-32250HigJun 2, 2022
    risk 0.00cvss 7.8epss 0.03

    net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

  • CVE-2022-1943HigJun 2, 2022
    risk 0.00cvss 7.8epss 0.00

    A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially

  • CVE-2022-1678MedMay 25, 2022
    risk 0.00cvss 5.9epss 0.03

    An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.

  • CVE-2022-1734HigMay 18, 2022
    risk 0.00cvss 7.0epss 0.01

    A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.

Page 712 of 791