Lucene search
K

169 matches found

Debian CVE
Debian CVE
added 2025/02/26 1:55 a.m.8 views

CVE-2022-49197

In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the multicast...

5.5CVSS5.2AI score0.00259EPSS
Exploits0
OSV
OSV
added 2025/02/26 1:55 a.m.13 views

CVE-2022-49197 af_netlink: Fix shift out of bounds in group mask calculation

In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the multicast...

5.5CVSS6AI score0.00259EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.2 views

SUSE CVE-2009-1185

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space...

7.2CVSS6.9AI score0.81528EPSS
Exploits12References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.2 views

SUSE CVE-2012-5532

The main function in tools/hv/hvkvpdaemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service daemon exit via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for...

4.9CVSS6.2AI score0.00407EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.2 views

SUSE CVE-2013-1763

Array index error in the sockdiagrcvmsg function in net/core/sockdiag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message...

7.2CVSS6.8AI score0.0418EPSS
Exploits12References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:2 a.m.3 views

SUSE CVE-2016-4486

The rtnlfilllinkifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message...

3.3CVSS7.2AI score0.0171EPSS
Exploits4References17
SUSE CVE
SUSE CVE
added 2023/02/15 4:42 a.m.3 views

SUSE CVE-2017-11600

net/xfrm/xfrmpolicy.c in the Linux kernel through 4.12.3, when CONFIGXFRMMIGRATE is enabled, does not ensure that the dir value of xfrmuserpolicyid is XFRMPOLICYMAX or less, which allows local users to cause a denial of service out-of-bounds access or possibly have unspecified other impact via an...

7.3CVSS6.9AI score0.00406EPSS
Exploits0References25
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.2 views

SUSE CVE-2020-10751

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages...

6.1CVSS6.3AI score0.00348EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.36 views

NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2022-0002)

The remote NewStart CGSL host, running version MAIN 4.05, has kernel packages installed that are affected by multiple vulnerabilities: - The Linux kernel before 5.1-rc5 allows page-refcount reference count overflow, with resultant use-after- free issues, if about 140 GiB of RAM exists. This is...

8.8CVSS7.1AI score0.03017EPSS
Exploits5References11
Rosalinux
Rosalinux
added 2021/07/02 5:8 p.m.33 views

Advisory ROSA-SA-2021-1859

Software: kernel 3.10.0 OS: Cobalt 7.9 CVE-ID: CVE-2020-10751 CVE-Crit: MEDIUM CVE-DESC: A bug was discovered in the implementation of the SELinux LSM trap in Linux kernels prior to version 5.7, where it was incorrectly assumed that skb would only contain a single netlink message. The trap...

6.1CVSS6.8AI score0.00348EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.64 views

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-1929)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsitransport...

7.8CVSS6.8AI score0.02079EPSS
Exploits5References9
OpenVAS
OpenVAS
added 2021/04/13 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-1715)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.06563EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2021/04/12 12:0 a.m.161 views

openSUSE Security Update : the Linux Kernel (openSUSE-2021-532)

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to be 0 leading...

9.8CVSS7.5AI score0.02503EPSS
Exploits4References116
Tenable Nessus
Tenable Nessus
added 2021/04/08 12:0 a.m.55 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1075-1)

This update for the Linux Kernel 4.12.14-122222 fixes several issues. The following security issues were fixed : CVE-2021-27365: Fixed an issue where data structures did not have appropriate length constraints or checks, and could exceed the PAGESIZE value bsc1183491. CVE-2021-27363: Fixed a kern...

7.8CVSS6.6AI score0.02079EPSS
Exploits3References10
NVD
NVD
added 2021/03/07 5:15 a.m.27 views

CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

7.8CVSS0.02079EPSS
Exploits1References10
OSV
OSV
added 2021/03/07 5:15 a.m.3 views

DEBIAN-CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

7.8CVSS6.4AI score0.02079EPSS
Exploits1References1
OSV
OSV
added 2021/03/07 5:15 a.m.8 views

CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

7.8CVSS7.5AI score
Exploits0References10
Prion
Prion
added 2021/03/07 5:15 a.m.34 views

Code injection

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

4.6CVSS7.3AI score0.02079EPSS
Exploits1References10Affected Software3
UbuntuCve
UbuntuCve
added 2021/03/07 5:15 a.m.42 views

CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

7.8CVSS6.8AI score0.02079EPSS
Exploits1References11
Cvelist
Cvelist
added 2021/03/07 4:22 a.m.29 views

CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

7.8AI score0.02079EPSS
Exploits1References10
Rows per page
Query Builder