VYPR

Kernel

by Red Hat

CVEs (140)

  • CVE-2021-39736Mar 16, 2022
    risk 0.00cvss epss 0.00

    In prepare_io_entry and prepare_response of lwis_ioctl.c and lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39732Mar 16, 2022
    risk 0.00cvss epss 0.00

    In copy_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39727Mar 16, 2022
    risk 0.00cvss epss 0.00

    In eicPresentationRetrieveEntryValue of acropora/app/identity/libeic/EicPresentation.c, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39725Mar 16, 2022
    risk 0.00cvss epss 0.00

    In gasket_free_coherent_memory_all of gasket_page_table.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39714Mar 16, 2022
    risk 0.00cvss epss 0.00

    In ion_buffer_kmap_get of ion.c, there is a possible use-after-free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-39713Mar 16, 2022
    risk 0.00cvss epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel

  • CVE-2021-39711Mar 16, 2022
    risk 0.00cvss epss 0.00

    In bpf_prog_test_run_skb of test_run.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-39681Jan 14, 2022
    risk 0.00cvss epss 0.00

    In delete_protocol of main.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-39680Jan 14, 2022
    risk 0.00cvss epss 0.00

    In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39647Dec 15, 2021
    risk 0.00cvss epss 0.00

    In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a possible reinitialization of TEE due to improper locking. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39642Dec 15, 2021
    risk 0.00cvss epss 0.00

    In synchronous_process_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-1046Dec 15, 2021
    risk 0.00cvss epss 0.00

    In lwis_dpm_update_clock of lwis_device_dpm.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39638Dec 15, 2021
    risk 0.00cvss epss 0.00

    In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39656Dec 15, 2021
    risk 0.00cvss epss 0.00

    In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39650Dec 15, 2021
    risk 0.00cvss epss 0.00

    In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…

  • CVE-2021-39649Dec 15, 2021
    risk 0.00cvss epss 0.00

    In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-39648Dec 15, 2021
    risk 0.00cvss epss 0.00

    In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39640Dec 15, 2021
    risk 0.00cvss epss 0.00

    In __dwc3_gadget_ep0_queue of ep0.c, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0961Dec 15, 2021
    risk 0.00cvss epss 0.00

    In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-1044Dec 15, 2021
    risk 0.00cvss epss 0.00

    In eicOpsDecryptAes128Gcm of acropora/app/identity/identity_support.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

Page 4 of 7