VYPR

Vendor CVEs

Linux

All CVEs

15,999 total · sorted by risk
  • CVE-2024-35835MedMay 17, 2024
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups When `in` allocated by kvzalloc fails, arfs_create_groups will free ft->g and return an error. However, arfs_create_table, the only caller of…

  • CVE-2024-35823MedMay 17, 2024
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the buffer").…

  • CVE-2024-26804MedApr 4, 2024
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr…

  • CVE-2024-26755MedApr 3, 2024
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: md: Don't suspend the array for interrupted reshape md_start_sync() will suspend the array if there are spares that can be added or removed from conf, however, if reshape is still in progress, this won't…

  • CVE-2024-26731MedApr 3, 2024
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000 …

  • CVE-2023-52618MedMar 18, 2024
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: block/rnbd-srv: Check for unlikely string overflow Since "dev_search_path" can technically be as large as PATH_MAX, there was a risk of truncation when copying it and a second string into "full_path" since it…

  • CVE-2023-52511MedMar 2, 2024
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even…

  • CVE-2021-47075MedMar 1, 2024
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak in nvmet_alloc_ctrl() When creating ctrl in nvmet_alloc_ctrl(), if the cntlid_min is larger than cntlid_max of the subsystem, and jumps to the "out_free_changed_ns_list" label, but the…

  • CVE-2021-47064MedFeb 29, 2024
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: mt76: fix potential DMA mapping leak With buf uninitialized in mt76_dma_tx_queue_skb_raw, its field skip_unmap could potentially inherit a non-zero value from stack garbage. If this happens, it will cause DMA…

  • CVE-2022-2602MedJan 8, 2024
    risk 0.35cvss 5.3epss 0.01

    io_uring UAF, Unix SCM garbage collection

  • CVE-2022-2588MedJan 8, 2024
    risk 0.35cvss 5.3epss 0.06

    It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

  • CVE-2023-28866MedMar 27, 2023
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not.

  • CVE-2022-2663MedSep 1, 2022
    risk 0.35cvss 5.3epss 0.01

    An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.

  • CVE-2021-20261MedMar 11, 2021
    risk 0.35cvss 6.4epss 0.00

    A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the floppy device (/dev/fd0) are restricted to root. If the permissions on the…

  • CVE-2020-25662MedNov 5, 2020
    risk 0.35cvss 5.3epss 0.01

    A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of…

  • CVE-2020-10942MedMar 24, 2020
    risk 0.35cvss 5.3epss 0.01

    In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.

  • CVE-2019-19046MedNov 18, 2019
    risk 0.35cvss 6.5epss 0.03

    A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties…

  • CVE-2018-15572MedAug 20, 2018
    risk 0.35cvss 6.5epss 0.01

    The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.

  • CVE-2015-5327MedSep 25, 2017
    risk 0.35cvss 6.5epss 0.02

    Out-of-bounds memory read in the x509_decode_time function in x509_cert_parser.c in Linux kernels 4.3-rc1 and after.

  • CVE-2015-5186MedSep 6, 2017
    risk 0.35cvss 5.3epss 0.03

    Audit before 2.4.4 in Linux does not sanitize escape characters in filenames.

  • CVE-2016-10318MedApr 4, 2017
    risk 0.35cvss 6.5epss 0.02

    A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially…

  • CVE-2015-7513MedFeb 8, 2016
    risk 0.35cvss 6.5epss 0.01

    arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and…

  • CVE-2011-3363MedMay 24, 2012
    risk 0.35cvss 6.5epss 0.01

    The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share.

  • CVE-2024-47689MedOct 21, 2024
    risk 0.34cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error() syzbot reports a f2fs bug as below: ------------[ cut here ]------------ WARNING: CPU: 1 PID: 58 at kernel/rcu/sync.c:177…

  • CVE-2024-41012MedJul 23, 2024
    risk 0.34cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntl_setlk() races with close(), it removes the created lock with do_lock_file_wait(). However, LSMs can allow the first…

  • CVE-2024-40918MedJul 12, 2024
    risk 0.34cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Systems with earlier…

  • CVE-2022-48764MedJun 20, 2024
    risk 0.34cvss 5.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2} Free the "struct kvm_cpuid_entry2" array on successful post-KVM_RUN KVM_SET_CPUID{,2} to fix a memory leak, the callers of…

  • CVE-2022-48761MedJun 20, 2024
    risk 0.34cvss 5.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: fix crash when suspend if remote wake enable Crashed at i.mx8qm platform when suspend if enable remote wakeup Internal error: synchronous external abort: 96000210 [#1] PREEMPT SMP Modules…

  • CVE-2021-47467MedMay 22, 2024
    risk 0.34cvss 5.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfree_at_end The reference counting issue happens in the normal path of kfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the function forgets to handle the…

  • CVE-2022-48698MedMay 3, 2024
    risk 0.34cvss 5.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling…

  • CVE-2022-48697MedMay 3, 2024
    risk 0.34cvss 5.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr…

  • CVE-2024-27005MedMay 1, 2024
    risk 0.34cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated The icc_lock mutex was split into separate icc_lock and icc_bw_lock mutexes in [1] to avoid lockdep splats. However, this didn't adequately…

  • CVE-2022-48638MedApr 28, 2024
    risk 0.34cvss 5.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroup_get_from_id() must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace.

  • CVE-2022-48634MedApr 28, 2024
    risk 0.34cvss 5.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gma_crtc_page_flip() was holding the event_lock spinlock while calling crtc_funcs->mode_set_base() which takes ww_mutex. The only…

  • CVE-2021-47192MedApr 10, 2024
    risk 0.34cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix hang when device state is set via sysfs This fixes a regression added with: commit f0f82e2476f6 ("scsi: core: Fix capacity set to zero after offlinining device") The problem is that…

  • CVE-2021-47140MedMar 25, 2024
    risk 0.34cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Clear DMA ops when switching domain Since commit 08a27c1c3ecf ("iommu: Add support to change default domain of an iommu group") a user can switch a device between IOMMU and direct DMA through sysfs.…

  • CVE-2021-47078MedMar 1, 2024
    risk 0.34cvss 5.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Clear all QP fields if creation failed rxe_qp_do_cleanup() relies on valid pointer values in QP for the properly created ones, but in case rxe_qp_from_init() failed it was filled with garbage and…

  • CVE-2023-52461MedFeb 23, 2024
    risk 0.34cvss 5.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix bounds limiting when given a malformed entity If we're given a malformed entity in drm_sched_entity_init()--shouldn't happen, but we verify--with out-of-bounds priority value, we set it to an…

  • CVE-2024-24864MedFeb 5, 2024
    risk 0.34cvss 5.3epss 0.00

    A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

  • CVE-2024-23196MedFeb 5, 2024
    risk 0.34cvss 5.3epss 0.00

    A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

  • CVE-2024-22386MedFeb 5, 2024
    risk 0.34cvss 5.3epss 0.00

    A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

  • CVE-2024-0564MedJan 30, 2024
    risk 0.34cvss 5.3epss 0.01

    A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of…

  • CVE-2023-4155MedSep 13, 2023
    risk 0.34cvss 5.3epss 0.00

    A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the…

  • CVE-2020-12888MedMay 15, 2020
    risk 0.34cvss 5.3epss 0.00

    The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

  • CVE-2018-16862MedNov 26, 2018
    risk 0.34cvss 5.3epss 0.01

    A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.

  • CVE-2018-14625MedSep 10, 2018
    risk 0.34cvss 5.3epss 0.00

    A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak…

  • CVE-2017-15837MedApr 3, 2018
    risk 0.34cvss 5.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a policy for the packet pattern attribute NL80211_PKTPAT_OFFSET is not defined which can lead to a buffer over-read…

  • CVE-2009-1961MedJun 8, 2009
    risk 0.34cvss 4.7epss 0.01

    The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal)…

  • CVE-2024-39490MedJul 10, 2024
    risk 0.33cvss 6.2epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing sk_buff release in seg6_input_core The seg6_input() function is responsible for adding the SRH into a packet, delegating the operation to the seg6_input_core(). This function uses the…

  • CVE-2021-47389MedMay 21, 2024
    risk 0.33cvss 5.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. Per AMD's SEV API, RECEIVE_START generates a new guest context…

Page 199 of 320