VYPR

Vendor CVEs

Linux

All CVEs

15,975 total · sorted by risk
  • CVE-2022-49395HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscall_stub_data() expects the data_count parameter to be the number of longs, not bytes. ================================================================== BUG:…

  • CVE-2022-49368HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() The "fsp->location" variable comes from user via ethtool_get_rxnfc(). Check that it is valid to prevent an out of bounds read.

  • CVE-2022-49289HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: uaccess: fix integer overflow on access_ok() Three architectures check the end of a user access against the address limit without taking a possible overflow into account. Passing a negative length or another…

  • CVE-2022-49278HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: remoteproc: Fix count check in rproc_coredump_write() Check count for 0, to avoid a potential underflow. Make the check the same as the one in rproc_recovery_write().

  • CVE-2022-49252HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeof(long) is 8 compared to…

  • CVE-2022-49251HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: va-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeof(long) is 8 compared to…

  • CVE-2022-49250HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing compander for aux AUX interpolator does not have compander, so check before accessing compander data for this. Without this checkan array of out bounds access will be…

  • CVE-2022-49249HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wc938x: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeof(long) is 8 compared to enum…

  • CVE-2022-49234HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: Avoid cross-chip syncing of VLAN filtering Changes to VLAN filtering are not applicable to cross-chip notifications. On a system like this: .-----. .-----. .-----. | sw1 +---+ sw2 +---+ sw3 |…

  • CVE-2022-49218HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix OOB read when handling Post Cursor2 register The link_status array was not large enough to read the Adjust Request Post Cursor2 register, so remove the common helper function to avoid an OOB read,…

  • CVE-2022-49172HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: parisc: Fix non-access data TLB cache flush faults When a page is not present, we get non-access data TLB faults from the fdc and fic instructions in flush_user_dcache_range_asm and…

  • CVE-2022-49163HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: fix a bug of accessing array out of bounds When error occurs in parsing jpeg, the slot isn't acquired yet, it may be the default value MXC_MAX_SLOTS. If the driver access the slot using the…

  • CVE-2022-49145HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data If the NumEntries field in the _CPC return package is less than 2, do not attempt to access the "Revision" element of that package, because it may…

  • CVE-2022-49094HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decrypt_internal The memory size of tls_ctx->rx.iv for AES128-CCM is 12 setting in tls_set_sw_offload(). The return value of crypto_aead_ivsize() for "ccm(aes)" is 16. So…

  • CVE-2021-47636HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() Function ubifs_wbuf_write_nolock() may access buf out of bounds in following process: ubifs_wbuf_write_nolock(): aligned_len = ALIGN(len, 8); //…

  • CVE-2021-47633HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 The bug was found during fuzzing. Stacktrace locates it in ath5k_eeprom_convert_pcal_info_5111. When none of the curve is selected in the loop, idx can go up…

  • CVE-2024-57929HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dm array: fix releasing a faulty array block twice in dm_array_cursor_end When dm_bm_read_lock() fails due to locking or checksum errors, it releases the faulty block implicitly while leaving an invalid output…

  • CVE-2024-57928HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfs: Fix enomem handling in buffered reads If netfs_read_to_pagecache() gets an error from either ->prepare_read() or from netfs_prepare_read_iterator(), it needs to decrement ->nr_outstanding, cancel the…

  • CVE-2024-57925HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix a missing return value check bug In the smb2_send_interim_resp(), if ksmbd_alloc_work_struct() fails to allocate a node, it returns a NULL pointer to the in_work pointer. This can lead to an illegal…

  • CVE-2024-57912HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used to push data to user space from a triggered buffer, but it has a hole between the temperature and the…

  • CVE-2024-57911HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc() and it is used to push data to user space from a triggered buffer, but it does not set…

  • CVE-2024-57910HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data…

  • CVE-2024-57909HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only…

  • CVE-2024-57908HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses…

  • CVE-2024-57907HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it…

  • CVE-2024-57906HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only…

  • CVE-2024-57905HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample (unsigned int) and the…

  • CVE-2025-21647HigJan 19, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: add bounds checks to host bulk flow fairness counts Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow…

  • CVE-2024-55577HigJan 15, 2025
    risk 0.46cvss 7.0epss 0.00

    Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the software processes a file which is specially crafted by an attacker, arbitrary code may be executed. As a result, the attacker may obtain or alter information of the user environment or…

  • CVE-2024-57876HigJan 11, 2025
    risk 0.46cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix resetting msg rx state after topology removal If the MST topology is removed during the reception of an MST down reply or MST up request sideband message, the…

  • CVE-2024-57838HigJan 11, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: s390/entry: Mark IRQ entries to fix stack depot warnings The stack depot filters out everything outside of the top interrupt context as an uninteresting or irrelevant part of the stack traces. This helps with…

  • CVE-2024-52332HigJan 11, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when…

  • CVE-2024-41935HigJan 11, 2025
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to shrink read extent node in batches We use rwlock to protect core structure data of extent tree during its shrink, however, if there is a huge number of extent nodes in extent tree, during shrink…

  • CVE-2024-56721HigDec 29, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum_1386_microcode array The erratum_1386_microcode array requires an empty entry at the end. Otherwise x86_match_cpu_with_stepping() will continue iterate the array after it…

  • CVE-2024-56672HigDec 27, 2024
    risk 0.46cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix UAF in blkcg_unpin_online() blkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To walk up, it uses blkcg_parent(blkcg) but it was calling that after…

  • CVE-2024-56664HigDec 27, 2024
    risk 0.46cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete()…

  • CVE-2024-56663HigDec 27, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, the *max* of attribute NL80211_ATTR_MLO_LINK_ID should be…

  • CVE-2024-56650HigDec 27, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by…

  • CVE-2024-56635HigDec 27, 2024
    risk 0.46cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: avoid potential UAF in default_operstate() syzbot reported an UAF in default_operstate() [1] Issue is a race between device and netns dismantles. After calling __rtnl_unlock() from netdev_run_todo(), we…

  • CVE-2024-56627HigDec 27, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read An offset from client could be a negative value, It could lead to an out-of-bounds read from the stream_buf. Note that this issue is coming when setting…

  • CVE-2024-56597HigDec 27, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix shift-out-of-bounds in dbSplit When dmt_budmin is less than zero, it causes errors in the later stages. Added a check to return an error beforehand in dbAllocCtl itself.

  • CVE-2024-56556HigDec 27, 2024
    risk 0.46cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binder_add_freeze_work() In binder_add_freeze_work() we iterate over the proc->nodes with the proc->inner_lock held. However, this lock is temporarily dropped in order to acquire the…

  • CVE-2024-56555HigDec 27, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: binder: fix OOB in binder_add_freeze_work() In binder_add_freeze_work() we iterate over the proc->nodes with the proc->inner_lock held. However, this lock is temporarily dropped to acquire the node->lock first…

  • CVE-2024-53186HigDec 27, 2024
    risk 0.46cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in SMB request handling A race condition exists between SMB request handling in `ksmbd_conn_handler_loop()` and the freeing of `ksmbd_conn` in the workqueue handler…

  • CVE-2024-53162HigDec 24, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_4xxx - fix off by one in uof_get_name() The fw_objs[] array has "num_objs" elements so the > needs to be >= to prevent an out of bounds read.

  • CVE-2024-53155HigDec 24, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix uninitialized value in ocfs2_file_read_iter() Syzbot has reported the following KMSAN splat: BUG: KMSAN: uninit-value in ocfs2_file_read_iter+0x9a4/0xf80 ocfs2_file_read_iter+0x9a4/0xf80 …

  • CVE-2024-53147HigDec 24, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if start_clu becomes an EOF cluster(an invalid cluster) due to file system…

  • CVE-2024-53108HigDec 2, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust VSDB parser for replay feature At some point, the IEEE ID identification for the replay check in the AMD EDID was added. However, this check causes the following out-of-bounds issues…

  • CVE-2024-53099HigNov 25, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link->type in bpf_link_show_fdinfo() If a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing bpf_link_type_strs[link->type] may result in an out-of-bounds access. To spot…

  • CVE-2024-53082HigNov 19, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: virtio_net: Add hash_key_length check Add hash_key_length check in virtnet_probe() to avoid possible out of bound errors when setting/reading the hash key.

Page 52 of 320