VYPR

Vendor CVEs

Ubuntu

All CVEs

1,567 total · sorted by risk
  • CVE-2020-36691MedMar 24, 2023
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.

  • CVE-2022-4095HigMar 22, 2023
    risk 0.00cvss 7.8epss 0.00

    A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.

  • CVE-2022-48425HigMar 19, 2023
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.

  • CVE-2022-48423HigMar 19, 2023
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur.

  • CVE-2023-23005MedMar 1, 2023
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can…

  • CVE-2023-23004MedMar 1, 2023
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

  • CVE-2023-23002MedMar 1, 2023
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

  • CVE-2023-22999MedFeb 28, 2023
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

  • CVE-2023-22998MedFeb 28, 2023
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

  • CVE-2023-22997MedFeb 28, 2023
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

  • CVE-2023-22996MedFeb 28, 2023
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device.

  • CVE-2023-22995HigFeb 28, 2023
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.

  • CVE-2023-26607HigFeb 26, 2023
    risk 0.00cvss 7.1epss 0.01

    In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.

  • CVE-2023-26606HigFeb 26, 2023
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c.

  • CVE-2023-26605HigFeb 26, 2023
    risk 0.00cvss 7.8epss 0.00

    In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.

  • CVE-2023-0394MedJan 26, 2023
    risk 0.00cvss 5.5epss 0.01

    A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.

  • CVE-2022-47929MedJan 17, 2023
    risk 0.00cvss 5.5epss 0.01

    In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This…

  • CVE-2023-23559HigJan 13, 2023
    risk 0.00cvss 7.8epss 0.00

    In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

  • CVE-2022-3977HigJan 12, 2023
    risk 0.00cvss 7.8epss 0.00

    A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate…

  • CVE-2023-23454MedJan 12, 2023
    risk 0.00cvss 5.5epss 0.00

    cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

  • CVE-2022-4696HigJan 11, 2023
    risk 0.00cvss 7.8epss 0.00

    There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_SPLICE operation. If IORING_OP_SPLICE is missing the IO_WQ_WORK_FILES flag, which signals that the operation won't use current->nsproxy, so its reference counter is not…

  • CVE-2022-47946MedDec 23, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a…

  • CVE-2022-47943HigDec 23, 2022
    risk 0.00cvss 8.1epss 0.04

    An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.

  • CVE-2022-47942HigDec 23, 2022
    risk 0.00cvss 8.8epss 0.04

    An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.

  • CVE-2022-47521HigDec 18, 2022
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel…

  • CVE-2022-47520HigDec 18, 2022
    risk 0.00cvss 7.1epss 0.00

    An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink…

  • CVE-2022-47519HigDec 18, 2022
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from…

  • CVE-2022-47518HigDec 18, 2022
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from…

  • CVE-2022-3114MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.

  • CVE-2022-3112MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

  • CVE-2022-3111MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().

  • CVE-2022-3110MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. _rtw_init_xmit_priv in drivers/staging/r8188eu/core/rtw_xmit.c lacks check of the return value of rtw_alloc_hwxmits() and will cause the null pointer dereference.

  • CVE-2022-3108MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().

  • CVE-2022-3107MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.

  • CVE-2022-3105MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().

  • CVE-2022-3104MedDec 14, 2022
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.

  • CVE-2022-45869MedNov 30, 2022
    risk 0.00cvss 5.5epss 0.00

    A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.

  • CVE-2022-4128MedNov 28, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.

  • CVE-2022-4127MedNov 28, 2022
    risk 0.00cvss 5.5epss 0.00

    A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. A local user could use this flaw to potentially crash the system causing a denial of service.

  • CVE-2022-45934HigNov 27, 2022
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.

  • CVE-2022-45919HigNov 27, 2022
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.

  • CVE-2022-45888MedNov 25, 2022
    risk 0.00cvss 6.4epss 0.01

    An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.

  • CVE-2022-45887MedNov 25, 2022
    risk 0.00cvss 4.7epss 0.00

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

  • CVE-2022-45886HigNov 25, 2022
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.

  • CVE-2022-45885HigNov 25, 2022
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.

  • CVE-2022-45884HigNov 25, 2022
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.

  • CVE-2022-42896HigNov 23, 2022
    risk 0.00cvss 8.0epss 0.02

    There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code…

  • CVE-2022-42895MedNov 23, 2022
    risk 0.00cvss 5.1epss 0.00

    There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit  https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3…

  • CVE-2022-44034MedOct 30, 2022
    risk 0.00cvss 6.4epss 0.00

    An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and…

  • CVE-2022-44033MedOct 30, 2022
    risk 0.00cvss 6.4epss 0.00

    An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and…

Page 21 of 32