VYPR

Kernel

by Linux

Source repositories

CVEs (15,817)

  • CVE-2022-29581HigMay 17, 2022
    risk 0.00cvss 7.8epss 0.01

    Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.

  • CVE-2022-1116HigMay 17, 2022
    risk 0.00cvss 7.8epss 0.01

    Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.

  • CVE-2022-30594HigMay 12, 2022
    risk 0.00cvss 7.8epss 0.01

    The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

  • CVE-2022-1516MedMay 5, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash…

  • CVE-2022-29968HigMay 2, 2022
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.

  • CVE-2022-1353HigApr 29, 2022
    risk 0.00cvss 7.1epss 0.00

    A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.

  • CVE-2022-1195MedApr 29, 2022
    risk 0.00cvss 5.5epss 0.00

    A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.

  • CVE-2022-29582HigApr 22, 2022
    risk 0.00cvss 7.0epss 0.01

    In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.

  • CVE-2022-29156HigApr 13, 2022
    risk 0.00cvss 7.8epss 0.00

    drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.

  • CVE-2022-28893HigApr 11, 2022
    risk 0.00cvss 7.8epss 0.00

    The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

  • CVE-2022-28796HigApr 8, 2022
    risk 0.00cvss 7.0epss 0.00

    jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.

  • CVE-2022-28390HigApr 3, 2022
    risk 0.00cvss 7.8epss 0.00

    ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.

  • CVE-2022-28389MedApr 3, 2022
    risk 0.00cvss 5.5epss 0.00

    mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.

  • CVE-2022-28388MedApr 3, 2022
    risk 0.00cvss 5.5epss 0.00

    usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.

  • CVE-2022-28356MedApr 2, 2022
    risk 0.00cvss 5.5epss 0.01

    In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.

  • CVE-2022-1055HigMar 29, 2022
    risk 0.00cvss 7.8epss 0.01

    A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

  • CVE-2022-27950MedMar 28, 2022
    risk 0.00cvss 5.5epss 0.00

    In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition.

  • CVE-2022-0500HigMar 25, 2022
    risk 0.00cvss 7.8epss 0.00

    A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.

  • CVE-2022-0322MedMar 25, 2022
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of…

  • CVE-2021-4203MedMar 25, 2022
    risk 0.00cvss 6.8epss 0.02

    A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.

Page 713 of 791