VYPR

Vendor CVEs

Linux

All CVEs

15,975 total · sorted by risk
  • CVE-2023-22996MedFeb 28, 2023
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device.

  • CVE-2023-0461HigFeb 28, 2023
    risk 0.00cvss 7.8epss 0.01

    There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any…

  • CVE-2023-22995HigFeb 28, 2023
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.

  • CVE-2023-26607HigFeb 26, 2023
    risk 0.00cvss 7.1epss 0.01

    In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.

  • CVE-2023-26606HigFeb 26, 2023
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c.

  • CVE-2023-26605HigFeb 26, 2023
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.

  • CVE-2023-26545MedFeb 25, 2023
    risk 0.00cvss 4.7epss 0.00

    In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

  • CVE-2023-26544HigFeb 25, 2023
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size.

  • CVE-2023-23586MedFeb 17, 2023
    risk 0.00cvss 5.5epss 0.00

    Due to a vulnerability in the io_uring subsystem, it is possible to leak kernel memory information to the user process. timens_install calls current_is_single_threaded to determine if the current process is single-threaded, but this call does not consider io_uring's io_worker…

  • CVE-2023-25012MedFeb 2, 2023
    risk 0.00cvss 4.6epss 0.01

    The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.

  • CVE-2023-0240HigJan 30, 2023
    risk 0.00cvss 7.8epss 0.00

    There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this…

  • CVE-2023-0394MedJan 26, 2023
    risk 0.00cvss 5.5epss 0.01

    A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.

  • CVE-2023-0122HigJan 17, 2023
    risk 0.00cvss 7.5epss 0.01

    A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4.

  • CVE-2022-47929MedJan 17, 2023
    risk 0.00cvss 5.5epss 0.01

    In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This…

  • CVE-2022-41858HigJan 17, 2023
    risk 0.00cvss 7.1epss 0.00

    A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

  • CVE-2023-23559HigJan 13, 2023
    risk 0.00cvss 7.8epss 0.00

    In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

  • CVE-2022-3977HigJan 12, 2023
    risk 0.00cvss 7.8epss 0.00

    A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate…

  • CVE-2022-3628MedJan 12, 2023
    risk 0.00cvss 6.6epss 0.01

    A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.

  • CVE-2023-23455MedJan 12, 2023
    risk 0.00cvss 5.5epss 0.00

    atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

  • CVE-2023-23454MedJan 12, 2023
    risk 0.00cvss 5.5epss 0.00

    cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

  • CVE-2022-4696HigJan 11, 2023
    risk 0.00cvss 7.8epss 0.00

    There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_SPLICE operation. If IORING_OP_SPLICE is missing the IO_WQ_WORK_FILES flag, which signals that the operation won't use current->nsproxy, so its reference counter is not…

  • CVE-2022-2196MedJan 9, 2023
    risk 0.00cvss 5.8epss 0.00

    A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An…

  • CVE-2022-47946MedDec 23, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a…

  • CVE-2022-47943HigDec 23, 2022
    risk 0.00cvss 8.1epss 0.04

    An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.

  • CVE-2022-47942HigDec 23, 2022
    risk 0.00cvss 8.8epss 0.04

    An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.

  • CVE-2022-47941HigDec 23, 2022
    risk 0.00cvss 7.5epss 0.05

    An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak.

  • CVE-2022-47940HigDec 23, 2022
    risk 0.00cvss 8.1epss 0.01

    An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write.

  • CVE-2022-47521HigDec 18, 2022
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel…

  • CVE-2022-47520HigDec 18, 2022
    risk 0.00cvss 7.1epss 0.00

    An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink…

  • CVE-2022-47519HigDec 18, 2022
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from…

  • CVE-2022-47518HigDec 18, 2022
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from…

  • CVE-2022-3115MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

  • CVE-2022-3114MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.

  • CVE-2022-3113MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.

  • CVE-2022-3112MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

  • CVE-2022-3111MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().

  • CVE-2022-3110MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. _rtw_init_xmit_priv in drivers/staging/r8188eu/core/rtw_xmit.c lacks check of the return value of rtw_alloc_hwxmits() and will cause the null pointer dereference.

  • CVE-2022-3108MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().

  • CVE-2022-3107MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.

  • CVE-2022-3106MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().

  • CVE-2022-3105MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().

  • CVE-2022-3104MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.

  • CVE-2022-45869MedNov 30, 2022
    risk 0.00cvss 5.5epss 0.00

    A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.

  • CVE-2022-4128MedNov 28, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.

  • CVE-2022-4127MedNov 28, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. A local user could use this flaw to potentially crash the system causing a denial of service.

  • CVE-2022-45934HigNov 27, 2022
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.

  • CVE-2022-45919HigNov 27, 2022
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.

  • CVE-2022-45888MedNov 25, 2022
    risk 0.00cvss 6.4epss 0.01

    An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.

  • CVE-2022-45887MedNov 25, 2022
    risk 0.00cvss 4.7epss 0.00

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

  • CVE-2022-45886HigNov 25, 2022
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.

Page 285 of 320