VYPR

Linux Kernel

by Ubuntu

Source repositories

CVEs (1,168)

  • CVE-2022-1199HigAug 29, 2022
    risk 0.00cvss 7.5epss 0.02

    A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.

  • CVE-2022-1198MedAug 29, 2022
    risk 0.00cvss 5.5epss 0.00

    A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.

  • CVE-2022-0812MedAug 29, 2022
    risk 0.00cvss 4.3epss 0.01

    An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information.

  • CVE-2022-0168MedAug 26, 2022
    risk 0.00cvss 4.4epss 0.00

    A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to…

  • CVE-2021-4159MedAug 24, 2022
    risk 0.00cvss 4.4epss 0.00

    A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory…

  • CVE-2021-4037HigAug 24, 2022
    risk 0.00cvss 7.8epss 0.00

    A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a…

  • CVE-2021-4028HigAug 24, 2022
    risk 0.00cvss 7.8epss 0.00

    A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could…

  • CVE-2021-3764MedAug 23, 2022
    risk 0.00cvss 5.5epss 0.00

    A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.

  • CVE-2021-3659MedAug 22, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system…

  • CVE-2022-1651HigJul 26, 2022
    risk 0.00cvss 7.1epss 0.00

    A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.

  • CVE-2020-36557MedJul 21, 2022
    risk 0.00cvss 5.1epss 0.00

    A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.

  • CVE-2021-33655MedJul 18, 2022
    risk 0.00cvss 6.7epss 0.00

    When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.

  • CVE-2022-33981LowJun 18, 2022
    risk 0.00cvss 3.3epss 0.01

    drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.

  • CVE-2022-1998HigJun 9, 2022
    risk 0.00cvss 7.8epss 0.00

    A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

  • CVE-2022-32296LowJun 5, 2022
    risk 0.00cvss 3.3epss 0.00

    The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.

  • CVE-2022-1116HigMay 17, 2022
    risk 0.00cvss 7.8epss 0.01

    Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.

  • CVE-2022-1516MedMay 5, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash…

  • CVE-2022-1353HigApr 29, 2022
    risk 0.00cvss 7.1epss 0.00

    A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.

  • CVE-2022-0500HigMar 25, 2022
    risk 0.00cvss 7.8epss 0.00

    A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.

  • CVE-2022-0322MedMar 25, 2022
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of…

Page 42 of 59