VYPR

Vendor CVEs

Linux

All CVEs

15,998 total · sorted by risk
  • CVE-2020-24588LowMay 11, 2021
    risk 0.23cvss 3.5epss 0.04

    The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is…

  • CVE-2019-19068MedNov 18, 2019
    risk 0.23cvss 4.6epss 0.00

    A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.

  • CVE-2019-18809MedNov 7, 2019
    risk 0.23cvss 4.6epss 0.00

    A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.

  • CVE-2016-2187MedMay 2, 2016
    risk 0.23cvss 4.6epss 0.01

    The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

  • CVE-2016-2186MedMay 2, 2016
    risk 0.23cvss 4.6epss 0.01

    The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

  • CVE-2016-2185MedMay 2, 2016
    risk 0.23cvss 4.6epss 0.01

    The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

  • CVE-2015-8324MedMay 2, 2016
    risk 0.23cvss 4.6epss 0.00

    The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the…

  • CVE-2024-42154MedJul 30, 2024
    risk 0.22cvss 4.4epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all (neither does it…

  • CVE-2024-28085LowMar 27, 2024
    risk 0.22cvss 3.3epss 0.02

    wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.)…

  • CVE-2020-35501LowMar 30, 2022
    risk 0.22cvss 3.4epss 0.00

    A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem

  • CVE-2021-20317MedSep 27, 2021
    risk 0.22cvss 4.4epss 0.00

    A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the…

  • CVE-2021-20177MedMay 26, 2021
    risk 0.22cvss 4.4epss 0.00

    A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected.

  • CVE-2019-20806MedMay 27, 2020
    risk 0.22cvss 4.4epss 0.00

    An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75.

  • CVE-2019-19072MedNov 18, 2019
    risk 0.22cvss 4.4epss 0.00

    A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.

  • CVE-2019-19067MedNov 18, 2019
    risk 0.22cvss 4.4epss 0.00

    Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka…

  • CVE-2019-19045MedNov 18, 2019
    risk 0.22cvss 4.4epss 0.01

    A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.

  • CVE-2016-9604MedJul 11, 2018
    risk 0.22cvss 4.4epss 0.00

    It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by…

  • CVE-2015-2877LowMar 3, 2017
    risk 0.22cvss 3.3epss 0.01

    Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the…

  • CVE-2015-7509MedDec 28, 2015
    risk 0.22cvss 4.4epss 0.00

    fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.

  • CVE-2014-8134LowDec 12, 2014
    risk 0.22cvss 3.3epss 0.01

    The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a…

  • CVE-2026-22978LowJan 23, 2026
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit hole on 64bit arches. struct iw_point { void __user *pointer; /* Pointer to the data (in user space) */ __u16 …

  • CVE-2025-71148LowJan 23, 2026
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshake_req_submit() replaces sk->sk_destruct but never restores it when submission fails before the request is hashed. handshake_sk_destruct() then…

  • CVE-2025-39964LowOct 13, 2025
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes…

  • CVE-2022-50522LowOct 7, 2025
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fix error handing in chameleon_parse_gdd() If mcb_device_register() returns error in chameleon_parse_gdd(), the refcount of bus and device name are leaked. Fix this by calling put_device() to…

  • CVE-2021-47671LowApr 17, 2025
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This means that the skb…

  • CVE-2025-21860LowMar 12, 2025
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm/zswap: fix inconsistency when zswap_store_page() fails Commit b7c0ccdfbafd ("mm: zswap: support large folios in zswap_store()") skips charging any zswap entries when it failed to zswap the entire folio. …

  • CVE-2025-21851LowMar 12, 2025
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arena_map_free on 64k page kernel On an aarch64 kernel with CONFIG_PAGE_SIZE_64KB=y, arena_htab tests cause a segmentation fault and soft lockup. The same failure is not observed with 4k…

  • CVE-2024-39286LowFeb 12, 2025
    risk 0.21cvss 3.3epss 0.00

    Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2024-57898LowJan 15, 2025
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first removed from the valid_links bitmap before performing any clean-up operations.…

  • CVE-2024-50211LowNov 8, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now detect errors and bail out…

  • CVE-2024-50092LowNov 5, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: netconsole: fix wrong warning A warning is triggered when there is insufficient space in the buffer for userdata. However, this is not an issue since userdata will be sent in the next iteration. Current…

  • CVE-2024-50057LowOct 21, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if no IRQ was requested there is no need to free it. Call devm_free_irq() only if client->irq is set. This fixes the warning caused…

  • CVE-2024-50044LowOct 21, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl always attempt to lock it…

  • CVE-2024-47738LowOct 21, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask for scanning"), ignore incorrect settings to avoid no supported rate warning…

  • CVE-2024-46794LowSep 18, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmio_read() unintentionally exposes the value of an…

  • CVE-2024-46792LowSep 18, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory raw_copy_{to,from}_user() do not call access_ok(), so this code allowed userspace to access any virtual memory address.

  • CVE-2022-48939LowAug 22, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops syzbot reported various soft lockups caused by bpf batch operations. INFO: task kworker/1:1:27 blocked for more than 140 seconds. INFO: task hung in rcu_barrier …

  • CVE-2022-48937LowAug 22, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: io_uring: add a schedule point in io_add_buffers() Looping ~65535 times doing kmalloc() calls can trigger soft lockups, especially with DEBUG features (like KASAN). [ 253.536212] watchdog: BUG: soft lockup -…

  • CVE-2024-43845LowAug 17, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: udf: Fix bogus checksum computation in udf_rename() Syzbot reports uninitialized memory access in udf_rename() when updating checksum of '..' directory entry of a moved directory. This is indeed true as we…

  • CVE-2024-43841LowAug 17, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: avoid reporting connection success with wrong SSID When user issues a connection with a different SSID than the one virt_wifi has advertised, the __cfg80211_connect_result() will trigger the…

  • CVE-2024-42249LowAug 7, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spi_async() Calling spi_maybe_unoptimize_message() in spi_async() is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the…

  • CVE-2024-42233LowAug 7, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: filemap: replace pte_offset_map() with pte_offset_map_nolock() The vmf->ptl in filemap_fault_recheck_pte_none() is still set from handle_pte_fault(). But at the same time, we did a pte_unmap(vmf->pte). After…

  • CVE-2022-48852LowJul 16, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. Unregister our device at unbind.

  • CVE-2024-38388LowJun 21, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup Use the control private_free callback to free the associated data block. This ensures that the memory won't leak, whatever way the control gets…

  • CVE-2023-52839LowMay 21, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Do not broadcast to other cpus when starting a counter This command: $ perf record -e cycles:k -e instructions:k -c 10000 -m 64M dd if=/dev/zero of=/dev/null count=1000 gives rise to this…

  • CVE-2021-47430LowMay 21, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n Commit 3c73b81a9164 ("x86/entry, selftests: Further improve user entry sanity checks") added a warning if AC is set when in the kernel. Commit …

  • CVE-2021-47317LowMay 21, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: Fix detecting BPF atomic instructions Commit 91c960b0056672 ("bpf: Rename BPF_XADD and prepare to encode other atomics in .imm") converted BPF_XADD to BPF_ATOMIC and added a way to distinguish…

  • CVE-2024-35935LowMay 19, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: btrfs: send: handle path ref underflow in header iterate_inode_ref() Change BUG_ON to proper error handling if building the path buffer fails. The pointers are not printed so we don't accidentally leak kernel…

  • CVE-2022-48668LowApr 28, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031 I also decided…

  • CVE-2022-48667LowApr 28, 2024
    risk 0.21cvss 3.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup (avoiding rereading…

Page 235 of 320