Lucene search
+L

14 matches found

RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.11 views

kernel: vhost/vsock: always initialize seqpacket_allow

Improper handling of seqpacketallow initialization was found in the Linux kernel in drivers/vhost/vsock.c...

7.8CVSS6.8AI score0.00216EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.47 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6681-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6681-1 advisory. Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing...

7.8CVSS7.4AI score0.01657EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2024/02/20 12:35 p.m.3 views

kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()

A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem...

7.1CVSS6.6AI score0.00251EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.5 views

kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()

A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem...

7.1CVSS6.6AI score0.00251EPSS
Exploits0References5
NVD
NVD
added 2023/09/25 4:15 p.m.24 views

CVE-2023-5158

A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor...

6.5CVSS7.3AI score0.00199EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2023/04/05 12:0 a.m.40 views

CVE-2023-1838

A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem...

7.1CVSS6.8AI score0.00251EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2023/04/04 4:43 p.m.37 views

CVE-2023-1838

A use-after-free flaw was found in vhostnetsetbackend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem. Mitigation This flaw can be...

7.1CVSS6.3AI score0.00251EPSS
Exploits0References4
Veracode
Veracode
added 2021/05/24 9:29 a.m.28 views

Arbitrary Code Execution

kernel is vulnerable to arbitrary code execution. A use-after-free in drivers/vhost/vdpa.c as v-configctx has an invalid value upon re-opening a character device...

7.8CVSS4AI score0.00318EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2021/03/29 12:0 a.m.17 views

Linux kernel post-release reuse vulnerability (CNVD-2021-24270)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A post-release reuse vulnerability exists in drivers/vhost/vdpa.c in Linux kernel versions prior to 5.11.9. The...

7.8CVSS6.4AI score0.00318EPSS
Exploits0References1
CVE
CVE
added 2021/03/26 9:35 p.m.191 views

CVE-2021-29266

CVE-2021-29266 affects the Linux kernel prior to 5.11.9. The use-after-free vulnerability is in drivers/vhost/vdpa.c where v->config_ctx may hold an invalid value when a character device is reopened, enabling a use-after-free scenario. The issue is addressed in ChangeLog-5.11.9 (kernel patch f...

7.8CVSS7.2AI score0.00318EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/05/15 12:0 a.m.100 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1255-1)

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-11494: An issue was discovered in slcbump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized canframe data, potentially containing...

10CVSS7.6AI score0.16908EPSS
Exploits15References192
Cvelist
Cvelist
added 2020/03/24 9:3 p.m.36 views

CVE-2020-10942

In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack corruption via crafted system calls...

6.3AI score0.00962EPSS
Exploits1References15
Debian CVE
Debian CVE
added 2020/03/24 9:3 p.m.38 views

CVE-2020-10942

In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack corruption via crafted system calls...

5.4CVSS6.6AI score0.00962EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/05/12 12:0 a.m.42 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3022)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3022 advisory. - aacraid: missing capable check in compat ioctl Dan Carpenter Orabug: 18721962 CVE-2013-6383 Tenable has extracted the preceding description block...

6.9CVSS6.8AI score0.00816EPSS
Exploits1References3
Rows per page
Query Builder