VYPR

Kernel

by Linux

Source repositories

CVEs (15,817)

  • CVE-2021-4202HigMar 25, 2022
    risk 0.00cvss 7.0epss 0.00

    A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed, leading to a privilege…

  • CVE-2022-0854MedMar 23, 2022
    risk 0.00cvss 5.5epss 0.00

    A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.

  • CVE-2022-27666HigMar 23, 2022
    risk 0.00cvss 7.8epss 0.06

    A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

  • CVE-2022-0742CriMar 18, 2022
    risk 0.00cvss 9.1epss 0.05

    Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.

  • CVE-2021-45868MedMar 18, 2022
    risk 0.00cvss 5.5epss 0.01

    In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.

  • CVE-2022-27223HigMar 16, 2022
    risk 0.00cvss 8.8epss 0.02

    In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.

  • CVE-2022-26966MedMar 12, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.

  • CVE-2022-26878MedMar 11, 2022
    risk 0.00cvss 5.5epss 0.00

    drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket buffers have memory allocated but not freed).

  • CVE-2022-0516HigMar 10, 2022
    risk 0.00cvss 7.8epss 0.00

    A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions…

  • CVE-2022-0433MedMar 10, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1.

  • CVE-2021-3739HigMar 10, 2022
    risk 0.00cvss 7.1epss 0.01

    A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest…

  • CVE-2021-3732MedMar 10, 2022
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.

  • CVE-2022-26490HigMar 6, 2022
    risk 0.00cvss 7.8epss 0.00

    st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.

  • CVE-2021-3744MedMar 4, 2022
    risk 0.00cvss 5.5epss 0.01

    A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.

  • CVE-2021-3743HigMar 4, 2022
    risk 0.00cvss 7.1epss 0.01

    An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest…

  • CVE-2021-3640HigMar 3, 2022
    risk 0.00cvss 7.0epss 0.00

    A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable…

  • CVE-2021-4002MedMar 3, 2022
    risk 0.00cvss 4.4epss 0.01

    A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized…

  • CVE-2021-3609HigMar 3, 2022
    risk 0.00cvss 7.0epss 0.00

    .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege…

  • CVE-2021-3715HigMar 2, 2022
    risk 0.00cvss 7.8epss 0.00

    A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their…

  • CVE-2022-25636HigFeb 24, 2022
    risk 0.00cvss 7.8epss 0.03

    net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.

Page 714 of 791