Lucene search
K

132 matches found

OSV
OSV
added 2025/05/16 4:11 p.m.5 views

USN-7512-1 linux-gcp-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

7.8CVSS6.9AI score0.13626EPSS
Exploits3References129
OSV
OSV
added 2025/05/16 3:39 p.m.6 views

USN-7510-1 linux, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

7.8CVSS6.6AI score0.13626EPSS
Exploits1References125
Tenable Nessus
Tenable Nessus
added 2025/05/16 12:0 a.m.12 views

Ubuntu 24.04 LTS : Linux kernel (GKE) vulnerabilities (USN-7515-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7515-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

8.1CVSS7.1AI score0.00737EPSS
Exploits2References135
SUSE CVE
SUSE CVE
added 2025/05/10 2:52 a.m.1 views

SUSE CVE-2025-37863

In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, onl...

5.5CVSS6.4AI score0.00222EPSS
Exploits0References3
NVD
NVD
added 2025/05/09 7:16 a.m.7 views

CVE-2025-37863

In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, onl...

5.5CVSS0.00222EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.2 views

Ensure That Mounting for Unnecessary File System Is Removed

Linux supports multiple file systems through kernel objects loaded to the kernel. As a universal OS platform, openEuler provides various kernel object files in the /lib/modules/kernel version/kernel/fs/ directory to support different file systems. You can run the insmod or modprobe command to loa...

7.1AI score
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/04/02 12:0 a.m.9 views

The vulnerability of the `ovl_dentry_update_reval()` function in the `fs/overlayfs/copy_up.c` file of the Linux kernel file system allows a attacker to cause a service failure.

The vulnerability of the ovldentryupdatereval function in the fs/overlayfs/copyup.c file of the Linux kernel file system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.8CVSS6.7AI score0.00182EPSS
Exploits0References14Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/04/01 12:0 a.m.5 views

The vulnerability of the ovl_lookup() function in the fs/overlayfs/namei.c module of the Linux file system allows a hacker to gain access to protected information.

The vulnerability of the ovllookup function in the fs/overlayfs/namei.c module of the Linux file system supports the kernel’s file system support. This vulnerability is related to improper memory release before deleting the last reference memory leak. Exploiting this vulnerability can allow an...

5.5CVSS6.4AI score0.00249EPSS
Exploits0References14Affected Software4
OSV
OSV
added 2025/03/27 4:48 p.m.15 views

USN-7380-1 linux-lowlatency vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

8.1CVSS6.4AI score0.00737EPSS
Exploits3References308
OSV
OSV
added 2025/03/27 4:18 p.m.27 views

USN-7379-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-6.11, linux-oracle, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

8.1CVSS6.4AI score0.00737EPSS
Exploits2References309
OSV
OSV
added 2025/03/27 3:15 p.m.5 views

AZL-59405 CVE-2025-21887 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput in ovllinkup The issue was caused by dputupper being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote. Move dputupper after its last...

7.8CVSS6.5AI score0.00182EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 2:57 p.m.8 views

CVE-2025-21887 ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up

In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput in ovllinkup The issue was caused by dputupper being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote. Move dputupper after its last...

7.8CVSS6.1AI score0.00182EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2025/03/27 2:57 p.m.9 views

CVE-2025-21887 ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up

In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput in ovllinkup The issue was caused by dputupper being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote. Move dputupper after its last...

6.5AI score0.00182EPSS
Exploits0References7
OSV
OSV
added 2024/12/27 3:15 p.m.1 views

DEBIAN-CVE-2024-56570

In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function. This is important because such inodes can cause error...

7.8CVSS5.6AI score0.0023EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2024/07/04 3:29 p.m.155 views

USN-6878-1: Linux kernel (Oracle) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.4AI score0.01635EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/07/04 12:0 a.m.154 views

Ubuntu 24.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6878-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6878-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

9.1CVSS6.9AI score0.01635EPSS
Exploits0References216
RedHat Linux
RedHat Linux
added 2024/07/02 9:2 a.m.4 views

kernel: ovl: fix leaked dentry

In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 "ovl: use only uppermetacopy state in ovllookup", overlayfs doesn't put temporary dentry when there is a metacopy error, which leads to dentry leaks when shutting down the related...

5.5CVSS6.4AI score0.00249EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2024/06/14 5:24 p.m.133 views

USN-6817-3: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.150 views

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

9.1CVSS6.9AI score0.01635EPSS
Exploits0References215
Ubuntu
Ubuntu
added 2024/06/11 12:15 p.m.185 views

USN-6817-2: Linux kernel (OEM) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
Rows per page
Query Builder