Lucene search
K

63 matches found

Cvelist
Cvelist
added 2025/05/01 1:7 p.m.16 views

CVE-2025-37773 virtiofs: add filesystem context source name check

In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an extra check for the source name should be...

0.00164EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.8 views

PT-2025-18454

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been identified in the Linux kernel related to virtiofs, where in certain scenarios, such as during fuzz testing, the source name may be NULL. This could lead to a...

5.5CVSS6.6AI score0.00164EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2024/08/21 12:0 a.m.54 views

Linux Kernel Heap-Based Buffer Overflow Vulnerability

Linux kernel contains a heap-based buffer overflow vulnerability in the legacyparseparam function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges...

8.4CVSS8.4AI score0.25151EPSS
In wildExploits11
RedhatCVE
RedhatCVE
added 2024/04/17 4:59 p.m.16 views

CVE-2024-26822

In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the...

5.5CVSS7.2AI score0.00225EPSS
Exploits0References4
NVD
NVD
added 2024/04/17 10:15 a.m.13 views

CVE-2024-26822

In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the...

5.5CVSS6.5AI score0.00225EPSS
Exploits0References5
OSV
OSV
added 2024/04/17 10:15 a.m.0 views

DEBIAN-CVE-2024-26822

In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/17 9:43 a.m.14 views

CVE-2024-26822 smb: client: set correct id, uid and cruid for multiuser automounts

In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the...

6.9AI score0.00225EPSS
Exploits0References5
OSV
OSV
added 2024/04/17 9:43 a.m.5 views

CVE-2024-26822 smb: client: set correct id, uid and cruid for multiuser automounts

In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2024/04/15 2:42 a.m.448 views

Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel

CVE-2022-0185-Case-Study This case study is a result of an as...

8.4CVSS7.8AI score0.25151EPSS
Exploits11
VulnCheck KEV
VulnCheck KEV
added 2024/03/21 12:0 a.m.4 views

VulnCheck KEV: CVE-2022-0185

Linux kernel contains a heap-based buffer overflow vulnerability in the legacyparseparam function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges...

8.4CVSS7.2AI score0.25151EPSS
Exploits11References1
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.43 views

Rocky Linux 8 : kernel (RLSA-2022:0188)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0188 advisory. - A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attack...

8.4CVSS7.3AI score0.25151EPSS
Exploits11References5
Amazon
Amazon
added 2023/03/22 12:0 a.m.31 views

Important: kernel

Issue Overview: AMD recommends using a software mitigation for this issue, which the kernel is enabling by default. The Linux kernel will use the generic retpoline software mitigation, instead of the specialized AMD one, on AMD instances 5a. This is done by default, and no administrator action is...

9.1CVSS5AI score0.89063EPSS
Exploits197
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.5 views

SUSE CVE-2022-0185

A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs namespaced CAPSYSADMIN privile...

7.8CVSS6.8AI score0.25151EPSS
Exploits11References29
OSV
OSV
added 2022/04/01 1:11 a.m.9 views

USN-5362-1 linux-intel-5.13 vulnerabilities

Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-25636 Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida...

9.1CVSS7.3AI score0.89063EPSS
Exploits135References17
Tenable Nessus
Tenable Nessus
added 2022/03/11 12:0 a.m.46 views

AlmaLinux 8 : kernel (ALSA-2022:0188)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0188 advisory. - A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verifie...

8.4CVSS7.3AI score0.25151EPSS
Exploits11References3
Amazon
Amazon
added 2022/03/08 12:0 a.m.4 views

Important: kernel-livepatch-5.10.82-83.359

Issue Overview: A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. CVE-2021-4155 A heap-based buffer...

8.4CVSS6.9AI score0.25151EPSS
Exploits11
Microsoft CVE
Microsoft CVE
added 2022/02/23 8:0 a.m.5 views

A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.

...

8.4CVSS7.7AI score0.25151EPSS
Exploits11
NVD
NVD
added 2022/02/11 6:15 p.m.34 views

CVE-2022-0185

A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs namespaced CAPSYSADMIN privile...

8.4CVSS0.25151EPSS
Exploits11References6
OSV
OSV
added 2022/02/11 6:15 p.m.2 views

DEBIAN-CVE-2022-0185

A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs namespaced CAPSYSADMIN privile...

8.4CVSS7.1AI score0.25151EPSS
Exploits11References1
OSV
OSV
added 2022/02/11 6:15 p.m.7 views

AZL-8578 CVE-2022-0185 affecting package kernel for versions less than 5.15.26.1-1

A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs namespaced CAPSYSADMIN privile...

8.4CVSS7.1AI score0.25151EPSS
Exploits11References1
Rows per page
Query Builder