VYPR

Vendor CVEs

Linux

All CVEs

15,642 total · sorted by risk
  • CVE-2021-4197HigMar 23, 2022
    risk 0.51cvss 7.8epss 0.01

    An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for…

  • CVE-2022-1011HigMar 18, 2022
    risk 0.51cvss 7.8epss 0.01

    A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

  • CVE-2022-0646HigFeb 18, 2022
    risk 0.51cvss 7.8epss 0.00

    A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device. A local user could use this flaw to crash the system or escalate their…

  • CVE-2022-25265HigFeb 16, 2022
    risk 0.51cvss 7.8epss 0.01

    In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.

  • CVE-2021-3760HigFeb 16, 2022
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability.

  • CVE-2021-34866HigJan 25, 2022
    risk 0.51cvss 7.8epss 0.01

    This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists…

  • CVE-2021-3612HigJul 9, 2021
    risk 0.51cvss 7.8epss 0.01

    An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The…

  • CVE-2021-28691HigJun 29, 2021
    risk 0.51cvss 7.8epss 0.00

    Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel…

  • CVE-2021-22543HigMay 26, 2021
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random…

  • CVE-2020-25671HigMay 26, 2021
    risk 0.51cvss 7.8epss 0.01

    A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.

  • CVE-2020-25670HigMay 26, 2021
    risk 0.51cvss 7.8epss 0.01

    A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.

  • CVE-2021-3483HigMay 17, 2021
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as…

  • CVE-2021-20268HigMar 9, 2021
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The…

  • CVE-2021-20194HigFeb 23, 2021
    risk 0.51cvss 7.8epss 0.00

    There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of…

  • CVE-2020-12362HigFeb 17, 2021
    risk 0.51cvss 7.8epss 0.00

    Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2021-26934HigFeb 17, 2021
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support status entry.

  • CVE-2020-11206HigNov 12, 2020
    risk 0.51cvss 7.8epss 0.02

    Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410,…

  • CVE-2020-0432HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2019-19448HigDec 8, 2019
    risk 0.51cvss 7.8epss 0.02

    In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can…

  • CVE-2019-0145HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.

  • CVE-2019-14835HigSep 17, 2019
    risk 0.51cvss 7.8epss 0.01

    A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to…

  • CVE-2019-12881HigJun 18, 2019
    risk 0.51cvss 7.8epss 0.01

    i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact via crafted ioctl calls to…

  • CVE-2018-20669HigMar 21, 2019
    risk 0.51cvss 7.8epss 0.01

    An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary…

  • CVE-2018-18653HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in…

  • CVE-2018-6555HigSep 4, 2018
    risk 0.51cvss 7.8epss 0.01

    The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an…

  • CVE-2018-15471HigAug 17, 2018
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to request queues. When processing…

  • CVE-2018-14678HigJul 28, 2018
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and…

  • CVE-2017-15851HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of copy_from_user and information leak in function "msm_ois_subdev_do_ioctl, file msm_ois.c can lead to a camera crash in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel

  • CVE-2018-12931HigJun 28, 2018
    risk 0.51cvss 7.8epss 0.00

    ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

  • CVE-2018-12930HigJun 28, 2018
    risk 0.51cvss 7.8epss 0.00

    ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

  • CVE-2017-15842HigJun 12, 2018
    risk 0.51cvss 7.8epss 0.00

    Buffer might get used after it gets freed due to unlocking the mutex before freeing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

  • CVE-2018-12233HigJun 12, 2018
    risk 0.51cvss 7.8epss 0.02

    In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with…

  • CVE-2018-8781HigApr 23, 2018
    risk 0.51cvss 7.8epss 0.01

    The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages,…

  • CVE-2018-8822HigMar 20, 2018
    risk 0.51cvss 7.8epss 0.01

    Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the…

  • CVE-2017-18066HigMar 16, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper controls in MSM CORE leads to use memory after it is freed in msm_core_ioctl().

  • CVE-2017-18055HigMar 16, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wmi_event->num_vdev_mac_entries in wma_pdev_set_hw_mode_resp_evt_handler(), which is received from firmware, leads to potential buffer…

  • CVE-2017-15831HigMar 16, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function wma_ndp_end_indication_event_handler(), there is no input validation check on a event_info value coming from firmware, which can cause an integer…

  • CVE-2017-14887HigMar 16, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of messages of type eWNI_SME_MODIFY_ADDITIONAL_IES, an integer overflow leading to heap buffer overflow may potentially occur.

  • CVE-2017-18064HigMar 15, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for p2p_noa_info in wma_send_bcn_buf_ll() which is received from firmware leads to potential buffer overflow.

  • CVE-2017-15849HigJan 10, 2018
    risk 0.51cvss 7.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a LayerStack can be destroyed in between Validate and Commit by the application resulting in a Use After Free condition.

  • CVE-2017-17863HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.00

    kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact.

  • CVE-2017-17857HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.00

    The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.

  • CVE-2017-17856HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.

  • CVE-2017-17855HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.

  • CVE-2017-17854HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.

  • CVE-2017-17853HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.

  • CVE-2017-17852HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.

  • CVE-2017-16996HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling.

  • CVE-2017-17806HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.01

    The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash…

  • CVE-2017-17805HigDec 20, 2017
    risk 0.51cvss 7.8epss 0.00

    The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free…

Page 9 of 313