Lucene search
K

105 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.6 views

SUSE CVE-2012-6538

The copytouserauth function in net/xfrm/xfrmuser.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability...

1.9CVSS6AI score0.00345EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.3 views

SUSE CVE-2021-39648

In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.4CVSS6.2AI score0.00161EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2023/01/10 12:0 a.m.40 views

EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2023-1223)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to...

7.8CVSS7.5AI score0.12746EPSS
Exploits24References25
Tenable Nessus
Tenable Nessus
added 2022/11/19 12:0 a.m.34 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5728-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5728-2 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading t...

8.8CVSS7.5AI score0.04947EPSS
Exploits7References12
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.33 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9998)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9998 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34610032 CVE-2022-3028 Tenable has extracted the preceding description block directly from...

7CVSS6.8AI score0.00202EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/14 12:0 a.m.57 views

Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-150)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-150 advisory. A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest V...

7.8CVSS7.1AI score0.12746EPSS
Exploits19References39
Tenable Nessus
Tenable Nessus
added 2022/10/10 12:0 a.m.20 views

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-9871)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-9871 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566753 CVE-2022-3028 - lockdown: also lock down previous kgdb use Daniel Thompson...

7CVSS6.8AI score0.00612EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2022/09/01 12:0 a.m.60 views

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:2177-1 Rating: important References: 1055117 1061840 1065729 1103269 1118212 1153274 1154353 1156395 1158266 1167773 1176447 1177282 1178134 1180100 1183405 1188885 1195826 1196426 1196478 1196570...

8.4CVSS7.1AI score0.06451EPSS
Exploits11References62
NVD
NVD
added 2022/08/31 4:15 p.m.22 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS0.00202EPSS
Exploits0References8
Prion
Prion
added 2022/08/31 4:15 p.m.31 views

Race condition

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

3.5CVSS6.8AI score0.00202EPSS
Exploits0References8Affected Software3
UbuntuCve
UbuntuCve
added 2022/08/31 4:15 p.m.47 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6.7AI score0.00202EPSS
Exploits0References14
CVE
CVE
added 2022/08/31 12:0 a.m.390 views

CVE-2022-3028

CVE-2022-3028 describes a race condition in the Linux kernel’s IP framework (XFRM) where concurrent calls to xfrm_probe_algs can cause an out-of-bounds read that may be copied into a socket, or an out-of-bounds write, enabling a local attacker to leak kernel memory or crash the kernel. Connected ...

7CVSS6.9AI score0.00202EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2022/08/31 12:0 a.m.46 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6AI score0.00202EPSS
Exploits0
Cvelist
Cvelist
added 2022/08/31 12:0 a.m.25 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7.2AI score0.00202EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2022/08/29 2:43 p.m.42 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

6.7CVSS6.9AI score0.00202EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/06/15 12:0 a.m.38 views

SUSE: Security Advisory (SUSE-SU-2022:2078-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.06451EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2022/05/27 12:0 a.m.49 views

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1779)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attack...

9CVSS7.1AI score0.67994EPSS
Exploits18References10
Tenable Nessus
Tenable Nessus
added 2022/05/12 12:0 a.m.125 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5415-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5415-1 advisory. Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically...

8.8CVSS7AI score0.021EPSS
Exploits12References9
NVD
NVD
added 2022/05/10 8:15 p.m.23 views

CVE-2022-20008

In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for...

4.6CVSS0.00361EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/10 7:56 p.m.26 views

CVE-2022-20008

In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for...

5.5AI score0.00361EPSS
Exploits0References1
Rows per page
Query Builder