Lucene search
K

10854 matches found

CNVD
CNVD
added 2022/02/18 12:0 a.m.21 views

Linux kernel elevation of privilege vulnerability (CNVD-2022-68618)

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel is vulnerable to an elevation of privilege vulnerability due to a post-release usage flaw in the Linux kernel's Managed Component Transport Protocol MCTP subsystem, which could be exploited ...

7.8CVSS2.6AI score0.00337EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/02/18 12:0 a.m.33 views

CVE-2022-0646

A flaw use after free in the Linux kernel Management Component Transport Protocol MCTP subsystem was found in the way user triggers cancelworksync after the unregisternetdev during removing device. A local user could use this flaw to crash the system or escalate their privileges on the system. It...

7.8CVSS7AI score0.00337EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/18 12:0 a.m.44 views

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5294-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5294-1 advisory. It was discovered that the Packet network protocol implementation in the Linux kernel contained a double- free vulnerability. A local attacker could use...

7.8CVSS7.7AI score0.05918EPSS
Exploits9References9
Tenable Nessus
Tenable Nessus
added 2022/02/18 12:0 a.m.50 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:0477-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0477-1 advisory. - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instruction...

7.8CVSS7.2AI score0.0407EPSS
Exploits4References72
Ubuntu
Ubuntu
added 2022/02/17 6:11 a.m.160 views

USN-5267-3: Linux kernel (Raspberry Pi) vulnerabilities

USN-5267-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for Raspberry Pi devices. Original advisory details: It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local...

7.9CVSS6.9AI score0.01751EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/02/17 12:0 a.m.34 views

OracleVM 3.4 : kernel-uek (OVMSA-2022-0007)

The remote OracleVM system is missing necessary patches to address security updates: - Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. CVE-2021-0129 - In eploopcheckproc of eventpoll.c, there is a possible way to...

7.9CVSS7.1AI score0.01751EPSS
Exploits2References13
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/16 10:9 p.m.48 views

Security Bulletin: Vulnerability in Linux Kernel affects ProtecTIER: Dirty COW vulnerability (CVE-2016-5195)

Summary A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only memory mappings. An attacker could exploit this vulnerability to gain write access to read-only memory mappings and elevated privileges on the system...

7.2CVSS1.1AI score0.83524EPSS
Exploits81Affected Software1
NVD
NVD
added 2022/02/16 8:15 p.m.22 views

CVE-2022-25258

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests ones with a large array index and ones associated with NULL function pointer retrieval. Memory corruption might occur...

4.9CVSS0.00927EPSS
Exploits0References9
OSV
OSV
added 2022/02/16 7:15 p.m.6 views

CVE-2021-3752

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to...

7.1CVSS7.1AI score
Exploits0References8
CVE
CVE
added 2022/02/16 12:0 a.m.352 views

CVE-2022-25258

The CVE-2022-25258 issue affects the Linux kernel USB Gadget subsystem, specifically drivers/usb/gadget/composite.c, where interface OS descriptor requests with large indices or NULL function pointer handling were not properly validated, enabling memory corruption. It affects kernels before 5.16....

4.9CVSS5.6AI score0.00927EPSS
Exploits0References9Affected Software1
CNNVD
CNNVD
added 2022/02/16 12:0 a.m.2 views

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel versions prior to 5.16.10 are vulnerable due to a failure to properly validate interface OS descriptor requests in the USB gadget subsystem. A local attacker could exploit this vulnerabilit...

4.9CVSS5.5AI score0.00927EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2022/02/16 12:0 a.m.41 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9148)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9148 advisory. - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33832582 CVE-2022-0492 - tee: handle lookup of shm with reference...

8.4CVSS7AI score0.25151EPSS
Exploits27References7
Tenable Nessus
Tenable Nessus
added 2022/02/16 12:0 a.m.55 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9147)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9147 advisory. - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33832582 CVE-2022-0492 - tee: handle lookup of shm with reference...

8.4CVSS7AI score0.25151EPSS
Exploits27References7
Positive Technologies
Positive Technologies
added 2022/02/16 12:0 a.m.10 views

PT-2022-1368 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.10 Description: The issue is related to the USB Gadget subsystem in the Linux kernel, which lacks certain validation of interface OS descriptor requests. This can lead to memory corruption. The vulnerabilit...

9.8CVSS7.5AI score0.88106EPSS
Exploits297References1194
RedhatCVE
RedhatCVE
added 2022/02/15 10:11 p.m.42 views

CVE-2021-45402

A memory leak flaw was found in the Linux kernel’s BPF subsystem in the way a user triggers the checkaluop function of the BPF verifier. This flaw allows a local user to obtain unauthorized memory access or potentially crash the system. Mitigation The default Red Hat Enterprise Linux kernel...

5.5CVSS1.8AI score0.00416EPSS
Exploits1References6
Mageia
Mageia
added 2022/02/15 8:50 p.m.69 views

Updated microcode packages fix security vulnerabilities

Updated microcodes for Intel processors, fixing various functional issues, and at least the following security issues: Insufficient control flow management in some IntelR Processors may allow an authenticated user to potentially enable a denial of service via local access CVE-2021-0127 / SA-00532...

6.8CVSS3.1AI score0.01001EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/02/11 12:0 a.m.6 views

PT-2022-7357 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.17-rc1 through 5.17-rc5 Description: A flaw in the Linux kernel Management Component Transport Protocol MCTP subsystem was found, related to use after free. This issue can be triggered by a local user, allowing them to...

7.8CVSS7.2AI score0.00337EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2022/02/11 12:0 a.m.45 views

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:0366-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0366-1 advisory. - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner...

7.8CVSS7.3AI score0.07709EPSS
Exploits14References105
Tenable Nessus
Tenable Nessus
added 2022/02/11 12:0 a.m.35 views

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2022:0367-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0367-1 advisory. The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

9CVSS7.5AI score0.67994EPSS
Exploits16References105
Tenable Nessus
Tenable Nessus
added 2022/02/11 12:0 a.m.37 views

SUSE SLES12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2022:0362-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0362-1 advisory. The SUSE Linux Enterprise 12 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were...

7.8CVSS7.1AI score0.0407EPSS
Exploits4References74
Rows per page
Query Builder