VYPR

Vendor CVEs

Linux

All CVEs

15,976 total · sorted by risk
  • CVE-2015-8746HigMay 2, 2016
    risk 0.42cvss 7.5epss 0.03

    fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic.

  • CVE-2014-3687HigNov 10, 2014
    risk 0.42cvss 7.5epss 0.09

    The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect…

  • CVE-2014-3673HigNov 10, 2014
    risk 0.42cvss 7.5epss 0.07

    The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

  • CVE-2011-4087HigJun 8, 2013
    risk 0.42cvss 7.5epss 0.03

    The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an…

  • CVE-2011-2482HigJun 8, 2013
    risk 0.42cvss 7.5epss 0.04

    A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet.

  • CVE-2011-3359HigMay 24, 2012
    risk 0.42cvss 7.5epss 0.03

    The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame.

  • CVE-2011-2699HigMay 24, 2012
    risk 0.42cvss 7.5epss 0.06

    The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted…

  • CVE-2026-46320HigJun 9, 2026
    risk 0.41cvss 7.4epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tap_get_user_xdp() tap_get_user_xdp() rejects a frame shorter than ETH_HLEN with -EINVAL, and returns -ENOMEM when build_skb() fails. Both paths jump to the err label without…

  • CVE-2026-23364HigMar 25, 2026
    risk 0.41cvss 7.4epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp() with the correct function, crypto_memneq().

  • CVE-2024-57893MedJan 15, 2025
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the…

  • CVE-2024-56706MedDec 28, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex Reservation of the PMU hardware is done at first event creation and is protected by a pair of mutex_lock() and mutex_unlock(). After…

  • CVE-2024-42161MedJul 30, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD [Changes from V1: - Use a default branch in the switch statement to initialize `val'.] GCC warns that `val' may be used uninitialized in the…

  • CVE-2024-42111MedJul 30, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: btrfs: always do the basic checks for btrfs_qgroup_inherit structure [BUG] Syzbot reports the following regression detected by KASAN: BUG: KASAN: slab-out-of-bounds in btrfs_qgroup_inherit+0x42e/0x2e20…

  • CVE-2024-38544MedJun 19, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the resp_pkts queue and then a decision is made whether to run the completer task inline or…

  • CVE-2021-47267MedMay 21, 2024
    risk 0.41cvss 6.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usb_assign_descriptors() is called with 5 parameters, the last 4 of which are the usb_descriptor_header for: full-speed (USB1.1 - 12Mbps [including USB1.0…

  • CVE-2024-35970MedMay 20, 2024
    risk 0.41cvss 6.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Clear stale u->oob_skb. syzkaller started to report deadlock of unix_gc_lock after commit 4090fa373f0e ("af_unix: Replace garbage collection algorithm."), but it just uncovers the bug that has been…

  • CVE-2024-27032MedMay 1, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULT_BLOCK is on, it is possible that f2fs_reserve_new_block() will return -ENOSPC during recovery, then it may trigger panic. Also, if…

  • CVE-2024-27030MedMay 1, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two…

  • CVE-2023-52644MedApr 17, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue…

  • CVE-2024-26830MedApr 17, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently when PF administratively sets VF's MAC address and the VF is put down (VF tries to delete all MACs) then the MAC is removed from MAC…

  • CVE-2021-47189MedApr 10, 2024
    risk 0.41cvss 6.3epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory ordering between normal and ordered work functions Ordered work functions aren't guaranteed to be handled by the same thread which executed the normal work functions. The only way execution…

  • CVE-2023-52581MedMar 2, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before…

  • CVE-2023-52502MedMar 2, 2024
    risk 0.41cvss 6.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock…

  • CVE-2024-22099MedJan 25, 2024
    risk 0.41cvss 6.3epss 0.01

    NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.

  • CVE-2022-36402MedSep 16, 2022
    risk 0.41cvss 6.3epss 0.00

    An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a…

  • CVE-2022-40133MedSep 9, 2022
    risk 0.41cvss 6.3epss 0.00

    A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf_tie_context' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to…

  • CVE-2022-38457MedSep 9, 2022
    risk 0.41cvss 6.3epss 0.00

    A use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain…

  • CVE-2022-38096MedSep 9, 2022
    risk 0.41cvss 6.3epss 0.01

    A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege,…

  • CVE-2022-36280MedSep 9, 2022
    risk 0.41cvss 6.3epss 0.01

    An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain…

  • CVE-2022-1462MedJun 2, 2022
    risk 0.41cvss 6.3epss 0.00

    An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a…

  • CVE-2022-1280MedApr 13, 2022
    risk 0.41cvss 6.3epss 0.00

    A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.

  • CVE-2017-15102MedNov 15, 2017
    risk 0.41cvss 6.3epss 0.00

    The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and…

  • CVE-2015-8962HigNov 16, 2016
    risk 0.41cvss 7.3epss 0.02

    Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.

  • CVE-2016-5728MedJun 27, 2016
    risk 0.41cvss 6.3epss 0.00

    Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by…

  • CVE-2016-2069HigApr 27, 2016
    risk 0.41cvss 7.4epss 0.00

    Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.

  • CVE-2015-8660MedDec 28, 2015
    risk 0.41cvss 6.7epss 0.22

    The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

  • CVE-2014-4608HigJul 3, 2014
    risk 0.41cvss 7.3epss 0.05

    Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the…

  • CVE-2026-46328HigJun 9, 2026
    risk 0.40cvss 7.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: apparmor: fix rlimit for posix cpu timers Posix cpu timers requires an additional step beyond setting the rlimit. Refactor the code so its clear when what code is setting the limit and conditionally update the…

  • CVE-2026-46250HigJun 3, 2026
    risk 0.40cvss 7.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, __current_thread_info is defined as global register variable locating in $gp, and is simply assigned with new address during…

  • CVE-2026-45932HigMay 27, 2026
    risk 0.40cvss 7.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tcx/netkit detach permissions when prog fd isn't given This commit fixes a security issue where BPF_PROG_DETACH on tcx or netkit devices could be executed by any user when no program fd was provided,…

  • CVE-2026-43497HigMay 21, 2026
    risk 0.40cvss 7.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free dlfb_ops_mmap() uses remap_pfn_range() to map vmalloc framebuffer pages to userspace but sets no vm_ops on the VMA. This means the kernel…

  • CVE-2026-43459HigMay 8, 2026
    risk 0.40cvss 7.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in snd_soc_dapm_stream_event(), called from the…

  • CVE-2026-43025HigMay 1, 2026
    risk 0.40cvss 7.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ignore explicit helper on new expectations Use the existing master conntrack helper, anything else is not really supported and it just makes validation more complicated, so just ignore…

  • CVE-2026-31569HigApr 24, 2026
    risk 0.40cvss 7.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointc_update_sw_coremap() can be empty, currently we get a cpuid with -1 in this case, but we actually need 0 because it's…

  • CVE-2026-23236HigMar 4, 2026
    risk 0.40cvss 7.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can…

  • CVE-2025-14104MedDec 5, 2025
    risk 0.40cvss 6.1epss 0.00

    A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

  • CVE-2024-57878MedJan 11, 2025
    risk 0.40cvss 6.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NT_ARM_FPMR Currently fpmr_set() doesn't initialize the temporary 'fpmr' variable, and a SETREGSET call with a length of zero will leave this uninitialized.…

  • CVE-2024-57877MedJan 11, 2025
    risk 0.40cvss 6.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NT_ARM_POE Currently poe_set() doesn't initialize the temporary 'ctrl' variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently…

  • CVE-2024-57874MedJan 11, 2025
    risk 0.40cvss 6.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL Currently tagged_addr_ctrl_set() doesn't initialize the temporary 'ctrl' variable, and a SETREGSET call with a length of zero will leave this…

  • CVE-2024-50251MedNov 9, 2024
    risk 0.40cvss 6.2epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally…

Page 75 of 320