Lucene search
K

10852 matches found

OSV
OSV
added 2022/03/25 7:15 p.m.4 views

CVE-2021-4157

An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with NFS. A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system...

8CVSS7.7AI score
Exploits0References4
Prion
Prion
added 2022/03/25 7:15 p.m.23 views

Out-of-bounds

A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system...

7.2CVSS7.3AI score0.00346EPSS
Exploits0References9Affected Software2
Prion
Prion
added 2022/03/25 7:15 p.m.30 views

Design/Logic Flaw

An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...

7.2CVSS7.1AI score0.06197EPSS
Exploits10References5Affected Software2
Debian CVE
Debian CVE
added 2022/03/25 6:3 p.m.91 views

CVE-2022-0995

An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...

7.8CVSS7.1AI score0.06197EPSS
Exploits10
Debian CVE
Debian CVE
added 2022/03/25 6:3 p.m.43 views

CVE-2022-0500

A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system...

7.8CVSS6.9AI score0.00346EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2022/03/25 12:0 a.m.49 views

CVE-2022-1048

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges ...

7CVSS6.7AI score0.00238EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2022/03/24 7:5 p.m.49 views

CVE-2022-1048

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges ...

7CVSS0.6AI score0.00238EPSS
Exploits0References4
OSV
OSV
added 2022/03/23 11:15 p.m.3 views

CVE-2022-25268

Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history subsystems...

8.8CVSS5.8AI score0.00401EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/23 11:15 p.m.3 views

CVE-2022-25268

Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history subsystems...

8.8CVSS7.2AI score0.00401EPSS
Exploits0References3
NVD
NVD
added 2022/03/23 8:15 p.m.22 views

CVE-2021-4197

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...

7.8CVSS0.00541EPSS
Exploits0References6
NVD
NVD
added 2022/03/23 8:15 p.m.18 views

CVE-2022-0854

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMAFROMDEVICE. This flaw allows a local user to read random memory from the kernel space...

5.5CVSS0.00465EPSS
Exploits1References4
OSV
OSV
added 2022/03/23 8:15 p.m.7 views

CVE-2022-0854

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMAFROMDEVICE. This flaw allows a local user to read random memory from the kernel space...

5.5CVSS7AI score
Exploits0References4
Prion
Prion
added 2022/03/23 8:15 p.m.30 views

Memory corruption

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMAFROMDEVICE. This flaw allows a local user to read random memory from the kernel space...

2.1CVSS5.5AI score0.00465EPSS
Exploits1References4Affected Software2
UbuntuCve
UbuntuCve
added 2022/03/23 8:15 p.m.48 views

CVE-2022-0854

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMAFROMDEVICE. This flaw allows a local user to read random memory from the kernel space...

5.5CVSS6.7AI score0.00465EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/03/23 7:46 p.m.21 views

CVE-2021-4197

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...

8.1AI score0.00541EPSS
Exploits0References6
CVE
CVE
added 2022/03/23 7:46 p.m.375 views

CVE-2022-0854

CVE-2022-0854 is a memory leak flaw in the Linux kernel DMA subsystem (DMA_FROM_DEVICE) that could allow a local authenticated attacker to read random kernel memory, exposing data. The IBM Security Bulletin for IBM Storage Scale System lists CVE-2022-0854 among Linux kernel DMA swiotlb-related is...

5.5CVSS5.7AI score0.00465EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2022/03/23 7:46 p.m.45 views

CVE-2022-0854

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMAFROMDEVICE. This flaw allows a local user to read random memory from the kernel space...

5.5CVSS5.4AI score0.00465EPSS
Exploits1
Qualys Blog
Qualys Blog
added 2022/03/22 2:25 p.m.27 views

Implications of Windows Subsystem for Linux for Adversaries & Defenders (Part 1)

This post is the first of a multi-part blog series that will explore and highlight the different risks that Windows Subsystem for Linux WSL poses to an enterprise IT environment. Here we examine a new Microsoft feature for GNU\Linux that increases the attack surface and introduces a lot more...

0.8AI score
Exploits0
OSV
OSV
added 2022/03/22 7:26 a.m.9 views

USN-5338-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, lnux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges. CVE-2022-0492 Jürgen Groß discovered that the Xen subsystem within the...

9CVSS7.3AI score0.67994EPSS
Exploits16References14
Ubuntu
Ubuntu
added 2022/03/22 6:27 a.m.211 views

USN-5337-1: Linux kernel vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-23222 Yiqi Sun and Kevin Wang discovered that the cgrou...

9.1CVSS7.6AI score0.67994EPSS
Exploits26
Rows per page
Query Builder