VYPR

Linux Kernel

by Ubuntu

Source repositories

CVEs (1,374)

  • CVE-2021-4154HigFeb 4, 2022
    risk 0.00cvss 8.8epss 0.01

    A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and…

  • CVE-2022-0286MedJan 31, 2022
    risk 0.00cvss 5.5epss 0.01

    A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.

  • CVE-2022-24122HigJan 29, 2022
    risk 0.00cvss 7.8epss 0.01

    kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.

  • CVE-2021-4083HigJan 18, 2022
    risk 0.00cvss 7.0epss 0.00

    A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or…

  • CVE-2021-46283MedJan 11, 2022
    risk 0.00cvss 5.5epss 0.00

    nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a…

  • CVE-2021-45485HigDec 25, 2021
    risk 0.00cvss 7.5epss 0.04

    In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.

  • CVE-2021-44733HigDec 22, 2021
    risk 0.00cvss 7.0epss 0.01

    A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

  • CVE-2018-25020HigDec 8, 2021
    risk 0.00cvss 7.8epss 0.01

    The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and…

  • CVE-2021-43976MedNov 17, 2021
    risk 0.00cvss 4.6epss 0.01

    In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

  • CVE-2021-43975MedNov 17, 2021
    risk 0.00cvss 6.7epss 0.01

    In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

  • CVE-2021-43057HigOct 28, 2021
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an…

  • CVE-2021-42327MedOct 21, 2021
    risk 0.00cvss 6.7epss 0.01

    dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within…

  • CVE-2021-42252HigOct 11, 2021
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka…

  • CVE-2021-42008HigOct 5, 2021
    risk 0.00cvss 7.8epss 0.01

    The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.

  • CVE-2021-41864HigOct 2, 2021
    risk 0.00cvss 7.8epss 0.00

    prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.

  • CVE-2021-41073HigSep 19, 2021
    risk 0.00cvss 7.8epss 0.02

    loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation.

  • CVE-2021-40490HigSep 3, 2021
    risk 0.00cvss 7.0epss 0.00

    A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

  • CVE-2021-38209LowAug 8, 2021
    risk 0.00cvss 3.3epss 0.00

    net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS…

  • CVE-2021-38208MedAug 8, 2021
    risk 0.00cvss 5.5epss 0.00

    net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.

  • CVE-2021-38206MedAug 8, 2021
    risk 0.00cvss 5.5epss 0.00

    The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.

Page 54 of 69