VYPR

Kernel

by Linux

Source repositories

CVEs (15,817)

  • CVE-2021-3348HigFeb 1, 2021
    risk 0.00cvss 7.0epss 0.00

    nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.

  • CVE-2020-16119MedJan 14, 2021
    risk 0.00cvss 6.3epss 0.00

    Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224,…

  • CVE-2020-27777MedDec 15, 2020
    risk 0.00cvss 6.7epss 0.01

    A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further…

  • CVE-2020-27786HigDec 11, 2020
    risk 0.00cvss 7.8epss 0.02

    A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of…

  • CVE-2020-29661HigDec 9, 2020
    risk 0.00cvss 7.8epss 0.01

    A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

  • CVE-2020-29660MedDec 9, 2020
    risk 0.00cvss 4.4epss 0.00

    A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

  • CVE-2020-29534HigDec 3, 2020
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94.

  • CVE-2020-14381HigDec 3, 2020
    risk 0.00cvss 7.8epss 0.01

    A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to…

  • CVE-2020-25704MedDec 2, 2020
    risk 0.00cvss 5.5epss 0.00

    A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.

  • CVE-2020-29374LowNov 28, 2020
    risk 0.00cvss 3.6epss 0.00

    An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended…

  • CVE-2020-29373MedNov 28, 2020
    risk 0.00cvss 6.5epss 0.01

    An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d.

  • CVE-2020-29371LowNov 28, 2020
    risk 0.00cvss 3.3epss 0.01

    An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.

  • CVE-2020-29370HigNov 28, 2020
    risk 0.00cvss 7.0epss 0.01

    An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.

  • CVE-2020-29369HigNov 28, 2020
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.

  • CVE-2020-29368HigNov 28, 2020
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

  • CVE-2019-20934MedNov 28, 2020
    risk 0.00cvss 5.3epss 0.00

    An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c.

  • CVE-2020-28974MedNov 20, 2020
    risk 0.00cvss 5.0epss 0.01

    A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations…

  • CVE-2020-28915MedNov 18, 2020
    risk 0.00cvss 5.8epss 0.00

    A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.

  • CVE-2020-27152MedNov 6, 2020
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9.

  • CVE-2020-27675MedOct 22, 2020
    risk 0.00cvss 4.7epss 0.00

    An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as…

Page 721 of 791