Ubuntu

All CVEs

1,620 total · sorted by risk
  • CVE-2022-1651 · Hig · Jul 26, 2022
    risk 0.00 · cvss 7.1 · epss 0.00

    A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.

  • CVE-2020-36557 · Med · Jul 21, 2022
    risk 0.00 · cvss 5.1 · epss 0.00

    A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.

  • CVE-2021-33655 · Med · Jul 18, 2022
    risk 0.00 · cvss 6.7 · epss 0.00

    When sending malicious data to the kernel via the ioctl cmd FBIOPUT_VSCREENINFO, the kernel will write memory out of bounds.

  • CVE-2022-2380 · Med · Jul 13, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    The Linux kernel was found vulnerable to out-of-bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.

  • CVE-2022-2318 · Med · Jul 6, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    There are use-after-free vulnerabilities caused by the timer handler in net/rose/rose_timer.c of Linux that allow attackers to crash the Linux kernel without any privileges.

  • CVE-2022-2078 · Med · Jun 30, 2022
    risk 0.00 · cvss 5.5 · epss 0.01

    A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function. This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse(), causing a denial of service and possibly to run code.

  • CVE-2022-33981 · Low · Jun 18, 2022
    risk 0.00 · cvss 3.3 · epss 0.01

    drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.

  • CVE-2022-1998 · Hig · Jun 9, 2022
    risk 0.00 · cvss 7.8 · epss 0.00

    A use after free in the Linux kernel File System notify functionality was found in the way a user triggers the copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

  • CVE-2022-32296 · Low · Jun 5, 2022
    risk 0.00 · cvss 3.3 · epss 0.00

    The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.

  • CVE-2022-29581 · Hig · May 17, 2022
    risk 0.00 · cvss 7.8 · epss 0.01

    Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.

  • CVE-2022-1116 · Hig · May 17, 2022
    risk 0.00 · cvss 7.8 · epss 0.01

    Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.

  • CVE-2022-30594 · Hig · May 12, 2022
    risk 0.00 · cvss 7.8 · epss 0.01

    The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

  • CVE-2022-1516 · Med · May 5, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash…

  • CVE-2022-29968 · Hig · May 2, 2022
    risk 0.00 · cvss 7.8 · epss 0.01

    An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.

  • CVE-2022-1353 · Hig · Apr 29, 2022
    risk 0.00 · cvss 7.1 · epss 0.00

    A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.

  • CVE-2022-29582 · Hig · Apr 22, 2022
    risk 0.00 · cvss 7.0 · epss 0.01

    In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.

  • CVE-2022-29156 · Hig · Apr 13, 2022
    risk 0.00 · cvss 7.8 · epss 0.00

    drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.

  • CVE-2022-28893 · Hig · Apr 11, 2022
    risk 0.00 · cvss 7.8 · epss 0.00

    The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

  • CVE-2022-28796 · Hig · Apr 8, 2022
    risk 0.00 · cvss 7.0 · epss 0.00

    jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.

  • CVE-2022-28388 · Med · Apr 3, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.

  • CVE-2022-28356 · Med · Apr 2, 2022
    risk 0.00 · cvss 5.5 · epss 0.01

    In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.

  • CVE-2022-0500 · Hig · Mar 25, 2022
    risk 0.00 · cvss 7.8 · epss 0.00

    A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.

  • CVE-2022-0322 · Med · Mar 25, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of…

  • CVE-2021-4203 · Med · Mar 25, 2022
    risk 0.00 · cvss 6.8 · epss 0.02

    A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with user privileges may crash the system or leak internal kernel information.

  • CVE-2022-0742 · Cri · Mar 18, 2022
    risk 0.00 · cvss 9.1 · epss 0.05

    Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.

  • CVE-2021-45868 · Med · Mar 18, 2022
    risk 0.00 · cvss 5.5 · epss 0.01

    In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.

  • CVE-2022-26966 · Med · Mar 12, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.

  • CVE-2022-0516 · Hig · Mar 10, 2022
    risk 0.00 · cvss 7.8 · epss 0.00

    A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions…

  • CVE-2022-26490 · Hig · Mar 6, 2022
    risk 0.00 · cvss 7.8 · epss 0.00

    st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.

  • CVE-2021-3744 · Med · Mar 4, 2022
    risk 0.00 · cvss 5.5 · epss 0.01

    A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar to the older CVE-2019-18808.

  • CVE-2021-3743 · Hig · Mar 4, 2022
    risk 0.00 · cvss 7.1 · epss 0.01

    An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest…

  • CVE-2021-3640 · Hig · Mar 3, 2022
    risk 0.00 · cvss 7.0 · epss 0.00

    A use-after-free flaw in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way a user calls ioctl UFFDIO_REGISTER or otherwise triggers a race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable…

  • CVE-2021-4002 · Med · Mar 3, 2022
    risk 0.00 · cvss 4.4 · epss 0.01

    A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized…

  • CVE-2021-3609 · Hig · Mar 3, 2022
    risk 0.00 · cvss 7.0 · epss 0.00

    A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege…

  • CVE-2021-3715 · Hig · Mar 2, 2022
    risk 0.00 · cvss 7.8 · epss 0.00

    A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their…

  • CVE-2021-3753 · Med · Feb 16, 2022
    risk 0.00 · cvss 4.7 · epss 0.00

    A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data…

  • CVE-2022-0617 · Med · Feb 16, 2022
    risk 0.00 · cvss 5.5 · epss 0.01

    A null pointer dereference flaw in the Linux kernel UDF file system functionality was found in the way a user triggers the udf_file_write_iter function for a malicious UDF image. A local user could use this flaw to crash the system. Present from Linux kernel 4.2-rc1 till 5.17-rc2.

  • CVE-2021-44879 · Med · Feb 14, 2022
    risk 0.00 · cvss 5.5 · epss 0.01

    In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.

  • CVE-2022-0382 · Med · Feb 11, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7…

  • CVE-2021-45402 · Med · Feb 11, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."

  • CVE-2022-24959 · Med · Feb 11, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.

  • CVE-2021-4154 · Hig · Feb 4, 2022
    risk 0.00 · cvss 8.8 · epss 0.01

    A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and…

  • CVE-2022-0286 · Med · Jan 31, 2022
    risk 0.00 · cvss 5.5 · epss 0.01

    A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.

  • CVE-2022-24122 · Hig · Jan 29, 2022
    risk 0.00 · cvss 7.8 · epss 0.01

    kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.

  • CVE-2021-4083 · Hig · Jan 18, 2022
    risk 0.00 · cvss 7.0 · epss 0.00

    A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or…

  • CVE-2021-46283 · Med · Jan 11, 2022
    risk 0.00 · cvss 5.5 · epss 0.00

    nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a…

  • CVE-2021-45485 · Hig · Dec 25, 2021
    risk 0.00 · cvss 7.5 · epss 0.04

    In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.

  • CVE-2021-44733 · Hig · Dec 22, 2021
    risk 0.00 · cvss 7.0 · epss 0.01

    A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

  • CVE-2018-25020 · Hig · Dec 8, 2021
    risk 0.00 · cvss 7.8 · epss 0.01

    The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and…

  • CVE-2021-43976 · Med · Nov 17, 2021
    risk 0.00 · cvss 4.6 · epss 0.01

    In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
