Lucene search
K

252 matches found

osv
osv
added 2022/08/31 4:15 p.m.6 views

AZL-10822 CVE-2022-3028 affecting package kernel for versions less than 5.15.67.1-4

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6.6AI score0.00202EPSS
Exploits0References1
prion
prion
added 2022/08/31 4:15 p.m.31 views

Race condition

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

3.5CVSS6.8AI score0.00202EPSS
Exploits0References8Affected Software3
ubuntucve
ubuntucve
added 2022/08/31 4:15 p.m.47 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6.7AI score0.00202EPSS
Exploits0References14
cve
cve
added 2022/08/31 12:0 a.m.390 views

CVE-2022-3028

CVE-2022-3028 describes a race condition in the Linux kernel’s IP framework (XFRM) where concurrent calls to xfrm_probe_algs can cause an out-of-bounds read that may be copied into a socket, or an out-of-bounds write, enabling a local attacker to leak kernel memory or crash the kernel. Connected ...

7CVSS6.9AI score0.00202EPSS
Exploits0References8Affected Software1
cvelist
cvelist
added 2022/08/31 12:0 a.m.25 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7.2AI score0.00202EPSS
Exploits0References8
debiancve
debiancve
added 2022/08/31 12:0 a.m.46 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6AI score0.00202EPSS
Exploits0
redhatcve
redhatcve
added 2022/08/29 2:43 p.m.42 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

6.7CVSS6.9AI score0.00202EPSS
Exploits0References4
nvd
nvd
added 2022/08/24 2:15 p.m.25 views

CVE-2021-0887

In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

5.5CVSS0.00093EPSS
Exploits0References1
nvd
nvd
added 2022/08/24 2:15 p.m.18 views

CVE-2021-0698

In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroi...

5.5CVSS0.00093EPSS
Exploits0References1
prion
prion
added 2022/08/24 2:15 p.m.17 views

Design/Logic Flaw

In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

1.7CVSS5.1AI score0.00093EPSS
Exploits0References1
prion
prion
added 2022/08/24 2:15 p.m.24 views

Design/Logic Flaw

The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLServerDiscoverStreamsKM may fail for several reasons including invalid sizes. If this method fails th...

5CVSS7.5AI score0.00272EPSS
Exploits0References1
prion
prion
added 2022/08/24 2:15 p.m.18 views

Design/Logic Flaw

In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroi...

1.7CVSS5.1AI score0.00093EPSS
Exploits0References1
cvelist
cvelist
added 2022/08/24 1:36 p.m.25 views

CVE-2021-0887

In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

5.3AI score0.00093EPSS
Exploits0References1
cve
cve
added 2022/08/24 1:36 p.m.116 views

CVE-2021-0887

CVE-2021-0887 describes a leak of kernel heap content in PVRSRVBridgeHeapCfgHeapConfigName due to uninitialized data, enabling local information disclosure without extra privileges or user interaction. This affects Android environments utilizing PowerVR-GPU components and is reflected across mult...

5.5CVSS5AI score0.00093EPSS
Exploits0References1Affected Software1
cve
cve
added 2022/08/24 1:35 p.m.125 views

CVE-2021-0698

CVE-2021-0698 involves a leak of kernel heap content in PVRSRVBridgeHeapCfgHeapDetails due to uninitialized data, enabling local information disclosure without extra privileges or user interaction. Affected component/driver appears to be PowerVR-GPU (Imagination Technologies) within Android envir...

5.5CVSS5AI score0.00093EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2022/08/24 1:35 p.m.23 views

CVE-2021-0698

In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroi...

5.3AI score0.00093EPSS
Exploits0References1
osv
osv
added 2022/08/01 12:0 a.m.8 views

ASB-A-236848817

In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6.4AI score0.00093EPSS
Exploits0References1
osv
osv
added 2022/08/01 12:0 a.m.12 views

ASB-A-236848165

In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6.4AI score0.00093EPSS
Exploits0References1
redhat
redhat
added 2022/06/28 12:34 p.m.6 views

kernel: buffer overflow in IPsec ESP transformation code

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

7.8CVSS6.8AI score0.05524EPSS
Exploits2References5
redhat
redhat
added 2022/06/28 12:5 p.m.17 views

kernel: buffer overflow in IPsec ESP transformation code

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

7.8CVSS6.8AI score0.05524EPSS
Exploits2References5
Rows per page
Query Builder