VYPR

Kernel

by Linux

Source repositories

CVEs (15,817)

  • CVE-2019-11190MedApr 12, 2019
    risk 0.00cvss 4.7epss 0.00

    The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.

  • CVE-2019-8956HigApr 1, 2019
    risk 0.00cvss 7.8epss 0.01

    In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.

  • CVE-2019-9857MedMar 21, 2019
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a…

  • CVE-2019-9003HigFeb 22, 2019
    risk 0.00cvss 7.5epss 0.05

    In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.

  • CVE-2018-20784CriFeb 22, 2019
    risk 0.00cvss 9.8epss 0.04

    In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.

  • CVE-2017-18360MedJan 31, 2019
    risk 0.00cvss 5.5epss 0.00

    In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.

  • CVE-2019-5489MedJan 7, 2019
    risk 0.00cvss 5.5epss 0.01

    The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the…

  • CVE-2019-3701MedJan 3, 2019
    risk 0.00cvss 4.4epss 0.01

    An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame…

  • CVE-2018-20511MedDec 27, 2018
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT…

  • CVE-2018-20169MedDec 17, 2018
    risk 0.00cvss 6.8epss 0.01

    An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.

  • CVE-2018-18397MedDec 12, 2018
    risk 0.00cvss 5.5epss 0.01

    The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains…

  • CVE-2018-19854MedDec 4, 2018
    risk 0.00cvss 4.7epss 0.00

    An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user…

  • CVE-2018-19824HigDec 3, 2018
    risk 0.00cvss 7.8epss 0.01

    In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.

  • CVE-2018-14646MedNov 26, 2018
    risk 0.00cvss 5.5epss 0.00

    The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic…

  • CVE-2018-18281HigOct 30, 2018
    risk 0.00cvss 7.8epss 0.01

    Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits…

  • CVE-2018-18710MedOct 29, 2018
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to…

  • CVE-2018-18690MedOct 26, 2018
    risk 0.00cvss 5.5epss 0.01

    In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in…

  • CVE-2018-18386LowOct 17, 2018
    risk 0.00cvss 3.3epss 0.00

    drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.

  • CVE-2018-18445HigOct 17, 2018
    risk 0.00cvss 7.8epss 0.01

    In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.

  • CVE-2018-14656HigOct 8, 2018
    risk 0.00cvss 7.0epss 0.01

    A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log.

Page 732 of 791