Lucene search
K

768 matches found

UbuntuCve
UbuntuCve
added 2023/06/06 12:0 a.m.49 views

CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

7.8CVSS7AI score0.08894EPSS
Exploits12References14
Positive Technologies
Positive Technologies
added 2023/06/06 12:0 a.m.4 views

PT-2023-4062

Name of the Vulnerable Software and Affected Versions Ubuntu kernels affected versions not specified Description The issue is related to a local privilege escalation vulnerability in Ubuntu kernels, specifically in the overlayfs ovl copy up meta inode data function, which skips permission checks...

9.1CVSS7.3AI score0.08894EPSS
Exploits13References187
OSV
OSV
added 2023/06/01 1:15 a.m.8 views

AZL-27061 CVE-2023-2598 affecting package kernel for versions less than 5.15.116.1-1

A flaw was found in the fixed buffer registration code for iouring iosqebufferregister in iouring/rsrc.c in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation...

7.8CVSS7.2AI score0.01371EPSS
Exploits6References1
Cvelist
Cvelist
added 2023/05/30 11:12 p.m.35 views

CVE-2023-2612 shiftfs lock unbalance in Ubuntu-specific kernels

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

4.4CVSS5.7AI score0.00284EPSS
Exploits0References7
OSV
OSV
added 2023/04/19 11:15 p.m.12 views

AZL-26340 CVE-2023-2166 affecting package kernel for versions less than 5.15.111.1-1

A null pointer dereference issue was found in can protocol in net/can/afcan.c in the Linux before Linux. mlpriv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service...

5.5CVSS6.7AI score0.002EPSS
Exploits0References1
OSV
OSV
added 2023/04/14 2:13 p.m.1 views

SUSE-SU-2023:1856-1 Security update for tftpboot-installation images

This update provides updated tftboot-installation images, rebuilt with current shim and kernels. bsc1209014 bsc1198581...

7.2AI score
Exploits0References3
OSV
OSV
added 2023/03/27 10:15 p.m.5 views

AZL-25932 CVE-2023-0179 affecting package kernel for versions less than 5.15.107.1-2

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution...

7.8CVSS7.2AI score0.01944EPSS
Exploits5References1
BDU FSTEC
BDU FSTEC
added 2023/03/20 12:0 a.m.7 views

The vulnerability of the AMD KVM subsystem for supporting embedded virtualization in Linux kernel allows a hacker to induce a service failure.

The vulnerability of the AMD KVM subsystem for supporting embedded virtualization in Linux operating systems’ kernels is related to improper handling of embedded termination processes. Exploiting this vulnerability can allow attackers to cause service failures...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References24Affected Software7
Packet Storm
Packet Storm
added 2023/03/06 12:0 a.m.280 views

Android GKI Kernels Contain Broken Non-Upstream Speculative Page Faults MM Code

Android: GKI kernels contain broken non-upstream Speculative Page Faults MM code A central recurring theme in Linux MM development is that contention on the mmap lock can have a big negative performance impact on multithreaded workloads: If one thread is holding the mmap lock in exclusive mode fo...

0.7AI score0.00217EPSS
Exploits4
0day.today
0day.today
added 2023/03/06 12:0 a.m.461 views

Android GKI Kernels Contain Broken Non-Upstream Speculative Page Faults MM Code Exploit

Android GKI kernels contain broken non-upstream Speculative Page Faults MM code that can lead to multiple use-after-free conditions. Android: GKI kernels contain broken non-upstream Speculative Page Faults MM code A central recurring theme in Linux MM development is that contention on the mmap lo...

7.8CVSS8AI score0.00217EPSS
Exploits4
F5 Networks
F5 Networks
added 2023/02/21 7:9 p.m.54 views

K17120: Linux kernel vulnerability CVE-2014-8134

Security Advisory Description The paravirtopssetup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirtenabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that rea...

3.3CVSS5.6AI score0.00703EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.67 views

K32525759: Linux kernel vulnerability CVE-2021-3489

Security Advisory Description The eBPF RINGBUF bpfringbufreserve function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fix...

7.8CVSS7.1AI score0.0055EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.137 views

K17403481: Linux kernel vulnerability CVE-2018-8897

Security Advisory Description A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV ...

7.8CVSS7AI score0.18404EPSS
Exploits9Affected Software19
SUSE CVE
SUSE CVE
added 2023/02/15 6:22 a.m.3 views

SUSE CVE-2001-0851

Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie...

5CVSS6.9AI score0.03087EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.5 views

SUSE CVE-2004-1137

Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via 1 the ipmcsource function, which decrements a counter to -1, or 2 the igmpmarksources function, whi...

10CVSS7.7AI score0.20825EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.5 views

SUSE CVE-2005-3806

The IPv6 flow label handling code ip6flowlabel.c in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service crash by triggering a free of non-allocated memory...

6.6CVSS6.7AI score0.00441EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.3 views

SUSE CVE-2006-2451

The suiddumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service disk consumption and possibly gain privileges via the PRSETDUMPABLE argument of the prctl function and a program that causes a core dump fi...

4.6CVSS6.9AI score0.04387EPSS
Exploits17References8
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-3745

Unspecified vulnerability in the sctpmakeabortuser function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service panic and possibly gain root privileges via unknown attack vectors...

7.2CVSS6.8AI score0.00423EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.5 views

SUSE CVE-2008-1514

arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platforms allows local users to cause a denial of service kernel panic via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference...

4.9CVSS6.4AI score0.00529EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.4 views

SUSE CVE-2008-5713

The qdiscrun function in net/sched/schgeneric.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service soft lockup by sending a large amount of network traffic, as demonstrated by multiple simultaneous invocations of the Netperf benchmark application in...

4.9CVSS6.3AI score0.00743EPSS
Exploits1References3
Rows per page
Query Builder