VYPR

Vendor CVEs

Linux

All CVEs

15,999 total · sorted by risk
  • CVE-2020-14390MedSep 18, 2020
    risk 0.36cvss 5.6epss 0.00

    A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

  • CVE-2019-19338MedJul 13, 2020
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA…

  • CVE-2020-12771MedMay 9, 2020
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

  • CVE-2020-12656MedMay 5, 2020
    risk 0.36cvss 5.5epss 0.00

    gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not…

  • CVE-2011-2498MedFeb 20, 2020
    risk 0.36cvss 5.5epss 0.00

    The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

  • CVE-2020-8992MedFeb 14, 2020
    risk 0.36cvss 5.5epss 0.00

    ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

  • CVE-2011-1474MedDec 26, 2019
    risk 0.36cvss 5.5epss 0.00

    A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create…

  • CVE-2019-19813MedDec 17, 2019
    risk 0.36cvss 5.5epss 0.02

    In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c,…

  • CVE-2019-19462MedNov 30, 2019
    risk 0.36cvss 5.5epss 0.00

    relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.

  • CVE-2019-10207MedNov 25, 2019
    risk 0.36cvss 5.5epss 0.01

    A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call…

  • CVE-2019-19037MedNov 21, 2019
    risk 0.36cvss 5.5epss 0.02

    ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.

  • CVE-2019-19039MedNov 21, 2019
    risk 0.36cvss 5.5epss 0.01

    __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team…

  • CVE-2019-19036MedNov 21, 2019
    risk 0.36cvss 5.5epss 0.02

    btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.

  • CVE-2007-3732MedNov 7, 2019
    risk 0.36cvss 5.5epss 0.00

    In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling interrupts, so that "current" references work.…

  • CVE-2019-18786MedNov 6, 2019
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.

  • CVE-2019-15902MedSep 4, 2019
    risk 0.36cvss 5.6epss 0.01

    A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()"…

  • CVE-2019-10140MedAug 15, 2019
    risk 0.36cvss 5.5epss 0.00

    A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers…

  • CVE-2019-13648MedJul 19, 2019
    risk 0.36cvss 5.5epss 0.01

    In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects…

  • CVE-2018-20510MedApr 30, 2019
    risk 0.36cvss 5.5epss 0.00

    The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.

  • CVE-2018-20509MedApr 30, 2019
    risk 0.36cvss 5.5epss 0.00

    The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.

  • CVE-2019-3882MedApr 24, 2019
    risk 0.36cvss 5.5epss 0.01

    A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a…

  • CVE-2019-3887MedApr 9, 2019
    risk 0.36cvss 5.6epss 0.00

    A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw…

  • CVE-2018-20449MedApr 4, 2019
    risk 0.36cvss 5.5epss 0.00

    The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.

  • CVE-2018-19407MedNov 21, 2018
    risk 0.36cvss 5.5epss 0.00

    The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.

  • CVE-2018-19406MedNov 21, 2018
    risk 0.36cvss 5.5epss 0.00

    kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.

  • CVE-2018-17972MedOct 3, 2018
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack…

  • CVE-2018-6554MedSep 4, 2018
    risk 0.36cvss 5.5epss 0.01

    Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.

  • CVE-2018-5995MedAug 7, 2018
    risk 0.36cvss 5.5epss 0.00

    The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.

  • CVE-2018-14617MedJul 27, 2018
    risk 0.36cvss 5.5epss 0.03

    An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted…

  • CVE-2018-14616MedJul 27, 2018
    risk 0.36cvss 5.5epss 0.02

    An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image.

  • CVE-2018-14615MedJul 27, 2018
    risk 0.36cvss 5.5epss 0.02

    An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative.

  • CVE-2018-14614MedJul 27, 2018
    risk 0.36cvss 5.5epss 0.02

    An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image.

  • CVE-2018-14613MedJul 27, 2018
    risk 0.36cvss 5.5epss 0.03

    An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.

  • CVE-2018-14612MedJul 27, 2018
    risk 0.36cvss 5.5epss 0.03

    An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a…

  • CVE-2018-14611MedJul 27, 2018
    risk 0.36cvss 5.5epss 0.03

    An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c.

  • CVE-2018-14610MedJul 27, 2018
    risk 0.36cvss 5.5epss 0.03

    An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within…

  • CVE-2018-14609MedJul 27, 2018
    risk 0.36cvss 5.5epss 0.03

    An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized.

  • CVE-2018-12929MedJun 28, 2018
    risk 0.36cvss 5.5epss 0.00

    ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.

  • CVE-2018-12928MedJun 28, 2018
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.

  • CVE-2016-10723MedJun 21, 2018
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via…

  • CVE-2018-1000199MedMay 24, 2018
    risk 0.36cvss 5.5epss 0.01

    The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability…

  • CVE-2018-10323MedApr 24, 2018
    risk 0.36cvss 5.5epss 0.01

    The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.

  • CVE-2018-10322MedApr 24, 2018
    risk 0.36cvss 5.5epss 0.01

    The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.

  • CVE-2018-7740MedMar 7, 2018
    risk 0.36cvss 5.5epss 0.01

    The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.

  • CVE-2014-8171MedFeb 9, 2018
    risk 0.36cvss 5.5epss 0.00

    The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup.

  • CVE-2018-5750MedJan 26, 2018
    risk 0.36cvss 5.5epss 0.00

    The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

  • CVE-2017-17975MedDec 30, 2017
    risk 0.36cvss 5.5epss 0.00

    Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a…

  • CVE-2016-3695MedDec 29, 2017
    risk 0.36cvss 5.5epss 0.01

    The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.

  • CVE-2017-17862MedDec 27, 2017
    risk 0.36cvss 5.5epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.

  • CVE-2017-15116MedNov 30, 2017
    risk 0.36cvss 5.5epss 0.00

    The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).

Page 196 of 320