VYPR

Vendor CVEs

Linux

All CVEs

15,976 total · sorted by risk
  • CVE-2024-26875MedApr 17, 2024
    risk 0.42cvss 6.4epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix uaf in pvr2_context_set_notify [Syzbot reported] BUG: KASAN: slab-use-after-free in pvr2_context_set_notify+0x2c4/0x310 drivers/media/usb/pvrusb2/pvrusb2-context.c:35 Read of size 4 at addr…

  • CVE-2024-26768MedApr 3, 2024
    risk 0.42cvss 6.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: Change acpi_core_pic[NR_CPUS] to acpi_core_pic[MAX_CORE_PIC] With default config, the value of NR_CPUS is 64. When HW platform has more then 64 cpus, system will crash on these platforms.…

  • CVE-2024-26690MedApr 3, 2024
    risk 0.42cvss 6.5epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in <linux/u64_stats_sync.h>, write side of struct u64_stats_sync must ensure mutual exclusion, or one seqcount update could…

  • CVE-2023-6536MedFeb 7, 2024
    risk 0.42cvss 6.5epss 0.02

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial…

  • CVE-2023-6535MedFeb 7, 2024
    risk 0.42cvss 6.5epss 0.02

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial…

  • CVE-2023-6356MedFeb 7, 2024
    risk 0.42cvss 6.5epss 0.01

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a…

  • CVE-2023-6240MedFeb 4, 2024
    risk 0.42cvss 6.5epss 0.01

    A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.

  • CVE-2023-1193MedNov 1, 2023
    risk 0.42cvss 6.5epss 0.01

    A use-after-free flaw was found in setup_async_work in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work.

  • CVE-2023-42755MedOct 5, 2023
    risk 0.42cvss 6.5epss 0.00

    A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system…

  • CVE-2023-5158MedSep 25, 2023
    risk 0.42cvss 6.5epss 0.00

    A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor.

  • CVE-2022-4382MedJan 10, 2023
    risk 0.42cvss 6.4epss 0.00

    A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side.

  • CVE-2022-3643MedDec 7, 2022
    risk 0.42cvss 6.5epss 0.00

    Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux…

  • CVE-2021-28715MedJan 6, 2022
    risk 0.42cvss 6.5epss 0.00

    Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are…

  • CVE-2021-28714MedJan 6, 2022
    risk 0.42cvss 6.5epss 0.00

    Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are…

  • CVE-2021-28713MedJan 5, 2022
    risk 0.42cvss 6.5epss 0.00

    Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically…

  • CVE-2021-28712MedJan 5, 2022
    risk 0.42cvss 6.5epss 0.00

    Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically…

  • CVE-2021-28711MedJan 5, 2022
    risk 0.42cvss 6.5epss 0.00

    Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically…

  • CVE-2021-28688MedApr 6, 2021
    risk 0.42cvss 6.5epss 0.00

    The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup…

  • CVE-2020-24490MedFeb 2, 2021
    risk 0.42cvss 6.5epss 0.02

    Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.

  • CVE-2020-26541MedOct 2, 2020
    risk 0.42cvss 6.5epss 0.01

    The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

  • CVE-2020-10690MedMay 8, 2020
    risk 0.42cvss 6.5epss 0.00

    There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if…

  • CVE-2020-8834MedApr 9, 2020
    risk 0.42cvss 6.5epss 0.00

    KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can…

  • CVE-2019-19079HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.03

    A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19.

  • CVE-2019-19078HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.07

    A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.

  • CVE-2019-19074HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.04

    A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.

  • CVE-2019-19071HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.04

    A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c.

  • CVE-2019-19070HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.03

    A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the…

  • CVE-2019-19069HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.03

    A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.

  • CVE-2019-19064HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.03

    A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute…

  • CVE-2019-19049HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.04

    A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the…

  • CVE-2019-19048HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.04

    A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864.

  • CVE-2019-19044HigNov 18, 2019
    risk 0.42cvss 7.5epss 0.04

    Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.

  • CVE-2010-2243HigNov 7, 2019
    risk 0.42cvss 7.5epss 0.03

    A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.

  • CVE-2019-18812HigNov 7, 2019
    risk 0.42cvss 7.5epss 0.03

    A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.

  • CVE-2019-18680HigNov 4, 2019
    risk 0.42cvss 7.5epss 0.04

    An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0.

  • CVE-2019-16995HigSep 30, 2019
    risk 0.42cvss 7.5epss 0.04

    In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.

  • CVE-2019-16921HigSep 27, 2019
    risk 0.42cvss 7.5epss 0.02

    In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.

  • CVE-2019-16714HigSep 23, 2019
    risk 0.42cvss 7.5epss 0.03

    In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.

  • CVE-2019-3460MedApr 11, 2019
    risk 0.42cvss 6.5epss 0.02

    A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.

  • CVE-2019-3459MedApr 11, 2019
    risk 0.42cvss 6.5epss 0.02

    A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.

  • CVE-2019-3874MedMar 25, 2019
    risk 0.42cvss 6.5epss 0.02

    The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

  • CVE-2018-10872MedJul 10, 2018
    risk 0.42cvss 6.5epss 0.00

    A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction…

  • CVE-2017-17741MedDec 18, 2017
    risk 0.42cvss 6.5epss 0.00

    The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.

  • CVE-2017-12190MedNov 22, 2017
    risk 0.42cvss 6.5epss 0.01

    The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference…

  • CVE-2017-10911MedJul 5, 2017
    risk 0.42cvss 6.5epss 0.00

    The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen…

  • CVE-2017-8831MedMay 8, 2017
    risk 0.42cvss 6.4epss 0.00

    The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a…

  • CVE-2017-2596MedFeb 6, 2017
    risk 0.42cvss 6.5epss 0.00

    The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.

  • CVE-2016-5412MedAug 6, 2016
    risk 0.42cvss 6.5epss 0.00

    arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended…

  • CVE-2016-2117HigMay 2, 2016
    risk 0.42cvss 7.5epss 0.06

    The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.

  • CVE-2016-2070HigMay 2, 2016
    risk 0.42cvss 7.5epss 0.03

    The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic.

Page 74 of 320