VYPR

Vendor CVEs

Linux

All CVEs

15,975 total · sorted by risk
  • CVE-2023-35788HigJun 16, 2023
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

  • CVE-2023-3111HigJun 5, 2023
    risk 0.51cvss 7.8epss 0.00

    A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().

  • CVE-2023-2598HigJun 1, 2023
    risk 0.51cvss 7.8epss 0.01

    A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.

  • CVE-2023-2176HigApr 20, 2023
    risk 0.51cvss 7.8epss 0.00

    A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.

  • CVE-2023-28464HigMar 31, 2023
    risk 0.51cvss 7.8epss 0.00

    hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.

  • CVE-2023-1670HigMar 30, 2023
    risk 0.51cvss 7.8epss 0.00

    A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

  • CVE-2023-0179HigMar 27, 2023
    risk 0.51cvss 7.8epss 0.02

    A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.

  • CVE-2023-1252HigMar 23, 2023
    risk 0.51cvss 7.8epss 0.00

    A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch…

  • CVE-2023-26242HigFeb 21, 2023
    risk 0.51cvss 7.8epss 0.00

    afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow.

  • CVE-2022-4139HigJan 27, 2023
    risk 0.51cvss 7.8epss 0.00

    An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.

  • CVE-2022-4378HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.

  • CVE-2022-3238HigNov 14, 2022
    risk 0.51cvss 7.8epss 0.00

    A double-free flaw was found in the Linux kernel’s NTFS3 subsystem in how a user triggers remount and umount simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system.

  • CVE-2022-3103HigSep 26, 2022
    risk 0.51cvss 7.8epss 0.00

    off-by-one in io_uring module.

  • CVE-2022-2964HigSep 9, 2022
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.

  • CVE-2022-1976HigAug 31, 2022
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the Linux kernel’s implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests that can cause a use-after-free flaw within the kernel. This issue leads to memory corruption and possible privilege…

  • CVE-2022-2978HigAug 24, 2022
    risk 0.51cvss 7.8epss 0.00

    A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges…

  • CVE-2022-33743HigJul 5, 2022
    risk 0.51cvss 7.8epss 0.00

    network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.

  • CVE-2022-1786HigJun 2, 2022
    risk 0.51cvss 7.8epss 0.01

    A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.

  • CVE-2022-1652HigJun 2, 2022
    risk 0.51cvss 7.8epss 0.01

    Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause…

  • CVE-2022-1882HigMay 26, 2022
    risk 0.51cvss 7.8epss 0.00

    A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges…

  • CVE-2022-1679HigMay 16, 2022
    risk 0.51cvss 7.8epss 0.01

    A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.

  • CVE-2021-3847HigApr 1, 2022
    risk 0.51cvss 7.8epss 0.00

    An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the…

  • CVE-2022-0998HigMar 30, 2022
    risk 0.51cvss 7.8epss 0.00

    An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function. This flaw allows a local user to crash or potentially escalate their privileges on the system.

  • CVE-2022-0330HigMar 25, 2022
    risk 0.51cvss 7.8epss 0.00

    A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

  • CVE-2021-4197HigMar 23, 2022
    risk 0.51cvss 7.8epss 0.01

    An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for…

  • CVE-2022-1011HigMar 18, 2022
    risk 0.51cvss 7.8epss 0.01

    A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

  • CVE-2022-0646HigFeb 18, 2022
    risk 0.51cvss 7.8epss 0.00

    A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device. A local user could use this flaw to crash the system or escalate their…

  • CVE-2022-25265HigFeb 16, 2022
    risk 0.51cvss 7.8epss 0.01

    In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.

  • CVE-2021-3760HigFeb 16, 2022
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability.

  • CVE-2021-34866HigJan 25, 2022
    risk 0.51cvss 7.8epss 0.01

    This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists…

  • CVE-2021-3612HigJul 9, 2021
    risk 0.51cvss 7.8epss 0.01

    An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The…

  • CVE-2021-28691HigJun 29, 2021
    risk 0.51cvss 7.8epss 0.00

    Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel…

  • CVE-2021-22543HigMay 26, 2021
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random…

  • CVE-2020-25671HigMay 26, 2021
    risk 0.51cvss 7.8epss 0.01

    A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.

  • CVE-2020-25670HigMay 26, 2021
    risk 0.51cvss 7.8epss 0.01

    A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.

  • CVE-2021-3483HigMay 17, 2021
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as…

  • CVE-2020-35519HigMay 6, 2021
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak…

  • CVE-2021-28375HigMar 15, 2021
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308.

  • CVE-2021-20268HigMar 9, 2021
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The…

  • CVE-2021-20194HigFeb 23, 2021
    risk 0.51cvss 7.8epss 0.00

    There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of…

  • CVE-2021-20226HigFeb 23, 2021
    risk 0.51cvss 7.8epss 0.00

    A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the…

  • CVE-2020-12362HigFeb 17, 2021
    risk 0.51cvss 7.8epss 0.00

    Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2021-26934HigFeb 17, 2021
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support status entry.

  • CVE-2020-14351HigDec 3, 2020
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data…

  • CVE-2020-25221HigSep 10, 2020
    risk 0.51cvss 7.8epss 0.01

    get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be…

  • CVE-2020-14356HigAug 19, 2020
    risk 0.51cvss 7.8epss 0.01

    A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.

  • CVE-2020-10699HigApr 15, 2020
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.

  • CVE-2020-11725HigApr 12, 2020
    risk 0.51cvss 7.8epss 0.01

    snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant…

  • CVE-2019-20326HigMar 16, 2020
    risk 0.51cvss 7.8epss 0.02

    A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.

  • CVE-2019-19816HigDec 17, 2019
    risk 0.51cvss 7.8epss 0.03

    In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.

Page 37 of 320