Lucene search
K

251 matches found

RedhatCVE
RedhatCVE
added 2024/07/16 11:25 p.m.35 views

CVE-2022-48805

In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179178a: Fix out-of-bounds accesses in RX fixup ax88179rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device, in particular: - The metadata array...

7.1CVSS7.6AI score0.00316EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.10 views

kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get

An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer...

4.3CVSS7AI score0.01657EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2023/12/11 9:51 a.m.40 views

CVE-2023-50431

An information leak vulnerability was found in the Linux kernel. This issue occurs because of a missing initialization in the habanalabs driver, resulting in a leak of kernel heap data to user space...

5.5CVSS5AI score0.003EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/29 12:0 a.m.12 views

PT-2023-8716

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified kernel-image-rpi-un version 6.1.77-alt1 Description The Linux kernel contains a flaw within the ksmbd module, specifically in the ksmbd decode ntlmssp auth blob function. This issue relates to a...

10CVSS8.5AI score0.71737EPSS
Exploits53References299
Tenable Nessus
Tenable Nessus
added 2023/03/28 12:0 a.m.37 views

CBL Mariner 2.0 Security Update: kernel (CVE-2022-3028)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3028 advisory. - A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when...

7CVSS6.6AI score0.002EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 6:17 p.m.92 views

K74171196: Linux kernel vulnerability CVE-2016-4998

Security Advisory Description The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service out-of-bounds read or possibly obtain sensitive information from kernel heap memory by leveraging in-container root...

7.1CVSS6.8AI score0.01885EPSS
Exploits1Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.6 views

SUSE CVE-2012-6536

net/xfrm/xfrmuser.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability and providing a 1 new or 2...

2.1CVSS5.9AI score0.0037EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.6 views

SUSE CVE-2012-6538

The copytouserauth function in net/xfrm/xfrmuser.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability...

1.9CVSS6AI score0.00345EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.4 views

SUSE CVE-2013-2547

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMI...

2.1CVSS5.3AI score0.00388EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.3 views

SUSE CVE-2021-39648

In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.4CVSS6.2AI score0.00161EPSS
Exploits0References27
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.11 views

SUSE CVE-2022-27666

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

7.7CVSS7.1AI score0.05524EPSS
Exploits2References40
Vulnrichment
Vulnrichment
added 2023/02/15 12:0 a.m.5 views

CVE-2023-20949

In s2mpg11pmicprobe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

5.3AI score0.00091EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/01/10 12:0 a.m.40 views

EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2023-1223)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to...

7.8CVSS7.5AI score0.12746EPSS
Exploits24References25
Tenable Nessus
Tenable Nessus
added 2022/11/19 12:0 a.m.34 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5728-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5728-2 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading t...

8.8CVSS7.5AI score0.04947EPSS
Exploits7References12
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.33 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9998)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9998 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34610032 CVE-2022-3028 Tenable has extracted the preceding description block directly from...

7CVSS6.8AI score0.002EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/14 12:0 a.m.57 views

Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-150)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-150 advisory. A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest V...

7.8CVSS7.1AI score0.12746EPSS
Exploits19References39
Tenable Nessus
Tenable Nessus
added 2022/10/10 12:0 a.m.20 views

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-9871)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-9871 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566753 CVE-2022-3028 - lockdown: also lock down previous kgdb use Daniel Thompson...

7CVSS6.8AI score0.00612EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/09/20 1:42 p.m.7 views

kernel: heap overflow in nft_set_elem_init()

A heap buffer overflow flaw was found in the Linux kernel’s Netfilter subsystem in the way a user provides incorrect input of the NFTDATAVERDICT type. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.8AI score0.05451EPSS
Exploits10References7
OPENSUSE Linux
OPENSUSE Linux
added 2022/09/01 12:0 a.m.60 views

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:2177-1 Rating: important References: 1055117 1061840 1065729 1103269 1118212 1153274 1154353 1156395 1158266 1167773 1176447 1177282 1178134 1180100 1183405 1188885 1195826 1196426 1196478 1196570...

8.4CVSS7.1AI score0.06451EPSS
Exploits11References62
NVD
NVD
added 2022/08/31 4:15 p.m.22 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS0.002EPSS
Exploits0References8
Rows per page
Query Builder