Lucene search
K

6633 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.3 views

SUSE CVE-2017-13694

The acpipscompletefinalop function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and nodeext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism ...

5.5CVSS6AI score0.00408EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.6 views

SUSE CVE-2017-18344

The timercreate syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent-sigevnotify field, which leads to out-of-bounds access in the showtimer function called when /proc/$PID/timers is read. This allows userspace applications ...

7.1CVSS6.3AI score0.03228EPSS
Exploits8References23
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.3 views

SUSE CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

8.4CVSS7.5AI score0.00451EPSS
Exploits0References59
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.3 views

SUSE CVE-2018-8781

The udlfbmmap function in drivers/gpu/drm/udl/udlfb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code...

7.8CVSS6.5AI score0.00502EPSS
Exploits0References61
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.3 views

SUSE CVE-2018-14625

A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect and close function may allow an attacker using the AFVSOCK protocol to gather a 4 byte information leak or possibly intercept o...

5.3CVSS6.8AI score0.0033EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.4 views

SUSE CVE-2018-16658

An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdromioctldrivestatus in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940...

4CVSS5.9AI score0.00552EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.3 views

SUSE CVE-2018-16948

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSC...

7.5CVSS8.3AI score0.01992EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.3 views

SUSE CVE-2019-11884

The dohidpsockioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character...

4CVSS6AI score0.00495EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.3 views

SUSE CVE-2020-27171

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information...

6CVSS6.3AI score0.00577EPSS
Exploits0References28
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.2 views

SUSE CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

6.2CVSS6.9AI score0.00353EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.2 views

SUSE CVE-2020-28915

A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...

5.1CVSS6.1AI score0.00374EPSS
Exploits0References28
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.2 views

SUSE CVE-2021-0961

In quotaprocwrite of xtquota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

4.4CVSS5.3AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.7 views

SUSE CVE-2021-3444

The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure kernel...

7CVSS6.6AI score0.0061EPSS
Exploits0References35
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.3 views

SUSE CVE-2021-20265

A flaw was found in the way memory resources were freed in the unixstreamrecvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system...

5.1CVSS5.7AI score0.00336EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.2 views

SUSE CVE-2021-34556

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack...

5.5CVSS8.5AI score0.00419EPSS
Exploits2References37
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.2 views

SUSE CVE-2021-35477

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled...

6.5CVSS6.2AI score0.0046EPSS
Exploits0References37
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.4 views

SUSE CVE-2021-39715

In showregs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.4CVSS4.1AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.2 views

SUSE CVE-2022-0264

A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating som...

4.7CVSS6.4AI score0.00255EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:32 a.m.1 views

SUSE CVE-2022-2652

Depending on the way the format strings in the card label are crafted it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request reproduce e.g. with many %s modifiers in a row...

6CVSS6.5AI score0.00321EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.3 views

SUSE CVE-2022-20008

In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for...

6.2CVSS6AI score0.00357EPSS
Exploits0References19
Rows per page
Query Builder