Lucene search
K

10854 matches found

UbuntuCve
UbuntuCve
added 2021/12/16 12:0 a.m.95 views

CVE-2021-39685

In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS7AI score0.00461EPSS
Exploits2References12
RedhatCVE
RedhatCVE
added 2021/12/15 2:52 p.m.75 views

CVE-2021-44733

A use-after-free flaw in the Linux kernel TEE Trusted Execution Environment subsystem was found in the way user calls ioctl TEEIOCOPENSESSION or TEEIOCINVOKE. A local user could use this flaw to crash the system or escalate their privileges on the system. If the Linux system non configured with t...

7.4CVSS7.5AI score0.007EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2021/12/14 12:0 a.m.2 views

PT-2021-6253 · Microsoft · Windows +2

Name of the Vulnerable Software and Affected Versions: Microsoft Local Security Authority LSA Server affected versions not specified Description: The issue is related to an information disclosure vulnerability in the Microsoft Local Security Authority Subsystem Service LSASS of the Microsoft...

6.8CVSS6.5AI score0.03246EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2021/12/14 12:0 a.m.12 views

The vulnerability of the Dallas Lock Linux event registration subsystem, related to memory release errors, allows a intruder to trigger a service failure on the workstation.

The vulnerability of the Dallas Lock Linux event registration subsystem is related to memory release errors. Exploiting this vulnerability can allow an attacker to cause a system failure by injecting a specially created executable script into the operating system...

5.9CVSS5.5AI score
Exploits0Affected Software1
Amazon
Amazon
added 2021/12/10 12:0 a.m.49 views

Medium: kernel

Issue Overview: A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory...

7CVSS6.3AI score0.01215EPSS
Exploits2
NVD
NVD
added 2021/12/08 5:15 a.m.22 views

CVE-2018-25020

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

7.8CVSS0.00505EPSS
Exploits0References3
OSV
OSV
added 2021/12/08 5:15 a.m.25 views

CVE-2018-25020

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

7.8CVSS6.5AI score
Exploits0References3
Prion
Prion
added 2021/12/08 5:15 a.m.32 views

Buffer overflow

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

4.6CVSS7.2AI score0.00505EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2021/12/08 5:15 a.m.44 views

CVE-2018-25020

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

7.8CVSS7.2AI score0.00505EPSS
Exploits0References3
OSV
OSV
added 2021/12/08 5:15 a.m.3 views

UBUNTU-CVE-2018-25020

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

7.8CVSS7.2AI score0.00505EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/12/08 4:47 a.m.28 views

CVE-2018-25020

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

7.2AI score0.00505EPSS
Exploits0References3
CVE
CVE
added 2021/12/08 4:47 a.m.189 views

CVE-2018-25020

Summary of CVE-2018-25020 (Linux kernel BPF): The vulnerability is in the BPF subsystem where a long jump over an instruction sequence can cause an overflow. It specifically affects the kernel's BPF implementations in files kernel/bpf/core.c and net/core/filter.c, for Linux kernels prior to 4.17....

7.8CVSS7.1AI score0.00505EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2021/12/08 4:47 a.m.43 views

CVE-2018-25020

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

7.8CVSS6.4AI score0.00505EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/30 11:48 p.m.102 views

USN-5165-1: Linux kernel (OEM) vulnerabilities

It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface NCI implementation. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3760 It was discovered...

9.8CVSS7.6AI score0.57853EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/11/30 10:22 p.m.117 views

USN-5162-1: Linux kernel vulnerabilities

Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the AMD...

7.8CVSS7AI score0.00537EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2021/11/29 3:21 p.m.26 views

CVE-2021-4032

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...

4.9CVSS1.2AI score0.00393EPSS
Exploits3References5
RedhatCVE
RedhatCVE
added 2021/11/19 5:24 p.m.62 views

CVE-2021-43976

A denial of service flaw was found in mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recvtype. Mitigation Mitigation for this issue is either not available or...

4.6CVSS6.3AI score0.00648EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/11/18 12:0 a.m.37 views

SUSE SLES12: kernel-livepatch-4_12_14-150_63-default / etc (SUSE-SU-2021:3684-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3684-1 advisory. This update for the Linux Kernel 4.12.14-12251 fixes several issues. The following security issues were fixed: - CVE-2021-0935: Fixed...

7.9CVSS6.8AI score0.01751EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2021/11/15 12:0 a.m.2 views

PT-2021-6401 · Oracle +6 · Mysql Server +5

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.26 and prior Description: The issue is related to errors in resource release in the MySQL Server component, specifically in the Optimizer subsystem. This can be exploited by a remote attacker to cause a denial of...

10CVSS7AI score0.87816EPSS
Exploits22References786
OpenVAS
OpenVAS
added 2021/11/12 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-5137-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.02014EPSS
Exploits6References2
Rows per page
Query Builder