VYPR

Kernel

by Linux

Source repositories

CVEs (15,817)

  • CVE-2020-28097MedJun 24, 2021
    risk 0.00cvss 5.9epss 0.01

    The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85.

  • CVE-2021-32078HigJun 17, 2021
    risk 0.00cvss 7.1epss 0.01

    An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access to element -2 of an array, aka CID-298a58e165e4.

  • CVE-2020-36387HigJun 7, 2021
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.

  • CVE-2020-36386HigJun 7, 2021
    risk 0.00cvss 7.1epss 0.01

    An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.

  • CVE-2019-25045HigJun 7, 2021
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.

  • CVE-2018-25015HigJun 7, 2021
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.

  • CVE-2020-36385HigJun 7, 2021
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.

  • CVE-2021-3491HigJun 4, 2021
    risk 0.00cvss 7.8epss 0.01

    The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code…

  • CVE-2021-3489HigJun 4, 2021
    risk 0.00cvss 7.8epss 0.01

    The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via…

  • CVE-2021-33200HigMay 27, 2021
    risk 0.00cvss 7.8epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In…

  • CVE-2020-27815HigMay 26, 2021
    risk 0.00cvss 7.8epss 0.01

    A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality,…

  • CVE-2020-25669HigMay 26, 2021
    risk 0.00cvss 7.8epss 0.01

    A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.

  • CVE-2020-25668HigMay 26, 2021
    risk 0.00cvss 7.0epss 0.01

    A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

  • CVE-2021-31440HigMay 21, 2021
    risk 0.00cvss 7.0epss 0.02

    This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists…

  • CVE-2021-33034HigMay 14, 2021
    risk 0.00cvss 7.8epss 0.01

    In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.

  • CVE-2019-25044HigMay 14, 2021
    risk 0.00cvss 7.8epss 0.01

    The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.

  • CVE-2021-23134HigMay 12, 2021
    risk 0.00cvss 7.8epss 0.00

    Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.

  • CVE-2021-32606HigMay 11, 2021
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)

  • CVE-2021-32399HigMay 10, 2021
    risk 0.00cvss 7.0epss 0.01

    net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.

  • CVE-2021-31916MedMay 6, 2021
    risk 0.00cvss 6.7epss 0.01

    An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds…

Page 718 of 791