Lucene search
K

6634 matches found

CVE
CVE
added 2024/02/15 4:52 a.m.80 views

CVE-2022-23084

CVE-2022-23084 concerns the FreeBSD netmap component. The vulnerability is a time-of-check to time-of-use bug in nmreq_copyin(): the total size of a user-provided nmreq is computed and then trusted during the copy, enabling kernel memory corruption. Impact requires netmap in devfs_ruleset; a priv...

7.8CVSS6.3AI score0.00243EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/02/15 4:52 a.m.25 views

CVE-2022-23084 Potential jail escape vulnerabilities in netmap

The total size of the user-provided nmreq to nmreqcopyin was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can...

6.5AI score0.00243EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/13 12:0 a.m.6 views

PT-2024-11053 · Unknown · Asp Secure Os

Name of the Vulnerable Software and Affected Versions: ASP Secure OS affected versions not specified Description: The issue is related to insufficient checking of memory buffer in ASP Secure OS, which may allow an attacker with a malicious TA to read or write to the ASP Secure OS kernel virtual...

7.8CVSS7.5AI score0.00178EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/07 4:33 p.m.2 views

kernel: eBPF verification flaw

A vulnerability was found in Linux Kernel, where a type confusion problem in checkmapfunccompatibility may lead to free arbitrary kernel memory...

8.8CVSS7.4AI score0.00972EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/02/07 4:33 p.m.1 views

kernel: memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c

A flaw memory leak in the Linux kernel webcam device functionality was found in the way user calls ioctl that triggers videousercopy function. The highest threat from this vulnerability is to system availability...

6.2CVSS6.6AI score0.00372EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/02/07 12:0 a.m.91 views

RHEL 8 : kernel (RHSA-2024:0724)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0724 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in schqfq netwo...

8.8CVSS7.5AI score0.12746EPSS
Exploits23References109
Microsoft CVE
Microsoft CVE
added 2024/02/06 8:0 a.m.5 views

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes which allows local users to obtain sensitive information from kernel memory cause a denial of service (memory corruption and system crash) or possibly gain privileges via a writev system call with a crafted pointer.

...

7.2CVSS6.1AI score0.00414EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.7 views

The vulnerability of the Neural Engine component of the macOS operating system allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the macOS operating system’s kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code with kernel privileges...

7.8CVSS8AI score0.00224EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/06 12:0 a.m.3 views

PT-2025-5830 · Kaspersky · Kaspersky For Windows +10

Name of the Vulnerable Software and Affected Versions: Kaspersky Anti-Virus SDK for Windows affected versions not specified Kaspersky Security for Virtualization Light Agent affected versions not specified Kaspersky Endpoint Security for Windows affected versions not specified Kaspersky Small...

5.3CVSS7.3AI score0.00122EPSS
Exploits0References9
OSV
OSV
added 2024/01/30 3:15 p.m.1 views

UBUNTU-CVE-2024-0564

A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging KSM, added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is "max page...

6.5CVSS7.2AI score0.00623EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/01/30 1:28 p.m.5 views

kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe

An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape...

10CVSS6.9AI score0.03546EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/30 12:31 p.m.5 views

kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe

An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape...

10CVSS6.9AI score0.03546EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2024/01/26 8:0 a.m.4 views

Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination

...

7.8CVSS6.5AI score0.00308EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/01/25 9:45 a.m.5 views

kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe

An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape...

10CVSS6.8AI score0.03546EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/25 8:13 a.m.5 views

kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe

An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape...

10CVSS6.8AI score0.03546EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/25 8:13 a.m.1 views

kernel: race condition in xfrm_probe_algs can lead to OOB read/write

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

7CVSS6.6AI score0.002EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/23 5:54 p.m.2 views

kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe

An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape...

10CVSS6.8AI score0.03546EPSS
Exploits0References5
CNVD
CNVD
added 2024/01/12 12:0 a.m.57 views

Linux kernel code issue vulnerability (CNVD-2024-06235)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code issue vulnerability exists in the Linux kernel that stems from vhostnewmsg in drivers/vhost/vhost.c failing to properly initialize memory in messages passed between a...

5.5CVSS6.3AI score0.00236EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/11 11:30 p.m.3 views

CVE-2024-0443 Kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.

A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgrouprstatflush is only called at cssreleaseworkfn, which is called when the blkcg reference count reaches 0. This circula...

5.5CVSS5.2AI score0.00247EPSS
Exploits0References6
NVD
NVD
added 2024/01/10 10:15 p.m.18 views

CVE-2023-38610

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to cause unexpected system termination or write kernel memory...

7.1CVSS6.3AI score0.00206EPSS
Exploits0References4
Rows per page
Query Builder