VYPR

Linux Kernel

by Ubuntu

Source repositories

CVEs (1,433)

  • CVE-2015-8844MedApr 27, 2016
    risk 0.29cvss 5.5epss 0.00

    The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

  • CVE-2016-0821MedMar 12, 2016
    risk 0.29cvss 5.5epss 0.00

    The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection…

  • CVE-2012-0038MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.

  • CVE-2023-6121MedNov 16, 2023
    risk 0.28cvss 4.3epss 0.02

    An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the…

  • CVE-2023-47233MedNov 3, 2023
    risk 0.28cvss 4.3epss 0.00

    The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is…

  • CVE-2026-43420MedMay 8, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix i_nlink underrun during async unlink During async unlink, we drop the `i_nlink` counter before we receive the completion (that will eventually update the `i_nlink`) because "we assume that the unlink…

  • CVE-2015-4170MedMay 2, 2016
    risk 0.24cvss 4.7epss 0.00

    Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a…

  • CVE-2022-0847KEVMar 7, 2022
    risk 0.22cvss epss 0.88

    A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to…

  • CVE-2026-47336LowMay 28, 2026
    risk 0.21cvss 3.3epss 0.00

    Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an uninitialized variable in AppArmor AF_INET/AF_INET6 socket mediation code. The bug can be triggered by an unprivileged local user and could result in incorrect fine-grained mediation of network sockets.

  • CVE-2021-22555KEVJul 7, 2021
    risk 0.21cvss epss 0.79

    A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

  • CVE-2021-3493KEVApr 17, 2021
    risk 0.19cvss epss 0.44

    The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu…

  • CVE-2019-13272KEVJul 17, 2019
    risk 0.19cvss epss 0.52

    In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process…

  • CVE-2023-52620LowMar 21, 2024
    risk 0.16cvss 2.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters.

  • CVE-2023-0266KEVJan 30, 2023
    risk 0.12cvss epss 0.04

    A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend…

  • CVE-2019-11478Jun 18, 2019
    risk 0.08cvss epss 0.95

    Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been…

  • CVE-2019-11477Jun 18, 2019
    risk 0.08cvss epss 0.99

    Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel…

  • CVE-2015-8569LowDec 28, 2015
    risk 0.08cvss 2.3epss 0.00

    The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted…

  • CVE-2019-11479Jun 18, 2019
    risk 0.07cvss epss 0.92

    Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been…

  • CVE-2021-3490Jun 4, 2021
    risk 0.05cvss epss 0.27

    The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit…

  • CVE-2022-2588Jan 8, 2024
    risk 0.04cvss epss 0.06

    It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

Page 7 of 72