699 matches found
SUSE CVE-2011-4110
The userupdate function in security/keys/userdefined.c in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and kernel oops via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."...
SUSE CVE-2011-4132
The cleanupjournaltail function in the Journaling Block Device JBD functionality in the Linux kernel 2.6 allows local users to cause a denial of service assertion error and kernel oops via an ext3 or ext4 image with an "invalid log first block value."...
SUSE CVE-2014-5077
The sctpassocupdate function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and OOPS by starting to establish an association between two endpoints immediately after an...
SUSE CVE-2017-8797
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used a...
Exploiting null-dereferences in the Linux kernel
Posted by Seth Jenkins, Project Zero For a fair amount of time, null-deref bugs were a highly exploitable kernel bug class. Back when the kernel was able to access userland memory without restriction, and userland programs were still able to map the zero page, there were many easy techniques for...
PT-2025-53175
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc8+ 15 Description The Linux kernel contains a flaw in the drm/i915/gvt subsystem related to the destruction of gvt debugfs. Specifically, a missing sanity check when destroying the gvt debugfs can lead to...
PT-2025-37898
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The btrtl set quirks function accessed a memory location without verifying its validity, potentially leading to a kernel error when a Realtek Bluetooth controller without a supported...
DEBIAN-CVE-2022-47939
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2TREEDISCONNECT...
AZL-12093 CVE-2022-47938 affecting package kernel for versions less than 5.15.86.1-1
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2TREECONNECT...
Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5774-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5774-1 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential...
Denial Of Service (DoS)
Linux kernel’s KVM is vulnerable to denial of service. The vulnerability exists due to a NULL pointer dereference which allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...
kernel: KVM: NULL pointer dereference in kvm_irq_delivery_to_apic_fast()
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...
kernel: KVM: NULL pointer dereference in kvm_dirty_ring_push in virt/kvm/dirty_ring.c
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...
DEBIAN-CVE-2022-2153
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...
AZL-10794 CVE-2022-2153 affecting package kernel for versions less than 5.15.67.1-4
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...
CVE-2022-1263
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...
CVE-2022-1263
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...
CVE-2022-1263
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...
Null pointer dereference
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...
UBUNTU-CVE-2022-2153
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...