VYPR

Kernel

by Linux

Source repositories

CVEs (15,817)

  • CVE-2024-38605HigJun 19, 2024
    risk 0.57cvss 8.8epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix NULL module pointer assignment at card init The commit 81033c6b584b ("ALSA: core: Warn on empty module") introduced a WARN_ON() for a NULL module pointer passed at snd_card object creation, and…

  • CVE-2023-52798HigMay 21, 2024
    risk 0.57cvss 8.8epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical…

  • CVE-2023-52755HigMay 21, 2024
    risk 0.57cvss 8.4epss 0.27

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab out of bounds write in smb_inherit_dacl() slab out-of-bounds write is caused by that offsets is bigger than pntsd allocation size. This patch add the check to validate 3 offsets using…

  • CVE-2021-47347HigMay 21, 2024
    risk 0.57cvss 8.8epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function wl1251_cmd_scan calls memcpy without checking the length. Harden by checking the length is within the maximum allowed size.

  • CVE-2021-47324HigMay 21, 2024
    risk 0.57cvss 8.8epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdt_startup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may…

  • CVE-2021-47323HigMay 21, 2024
    risk 0.57cvss 8.8epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer…

  • CVE-2024-35955HigMay 20, 2024
    risk 0.57cvss 8.8epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix possible use-after-free issue on kprobe registration When unloading a module, its state is changing MODULE_STATE_LIVE -> MODULE_STATE_GOING -> MODULE_STATE_UNFORMED. Each change will take a time.…

  • CVE-2024-35854HigMay 17, 2024
    risk 0.57cvss 8.8epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region…

  • CVE-2024-35814HigMay 17, 2024
    risk 0.57cvss 8.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit bbb73a103fbb ("swiotlb: fix a braino in the alignment check fix"), which was a fix for commit 0eee5ae10256 ("swiotlb: fix slot…

  • CVE-2021-3653HigSep 29, 2021
    risk 0.57cvss 8.8epss 0.00

    A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue…

  • CVE-2020-29569HigDec 15, 2020
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly…

  • CVE-2019-17666HigOct 17, 2019
    risk 0.57cvss 8.8epss 0.03

    rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

  • CVE-2019-14821HigSep 19, 2019
    risk 0.57cvss 8.8epss 0.01

    An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices…

  • CVE-2016-10764CriJul 27, 2019
    risk 0.57cvss 9.8epss 0.03

    In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.

  • CVE-2012-6712CriJul 27, 2019
    risk 0.57cvss 9.8epss 0.03

    In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

  • CVE-2011-5327CriJul 27, 2019
    risk 0.57cvss 9.8epss 0.04

    In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.

  • CVE-2007-6762CriJul 27, 2019
    risk 0.57cvss 9.8epss 0.03

    In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.

  • CVE-2018-16882HigJan 3, 2019
    risk 0.57cvss 8.8epss 0.00

    A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without…

  • CVE-2015-1328HigNov 28, 2016
    risk 0.57cvss 7.8epss 0.38

    The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration…

  • CVE-2015-8787CriFeb 8, 2016
    risk 0.57cvss 9.8epss 0.09

    The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an…

Page 8 of 791