Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2024/10/18 9:46 p.m.•44 views

K000141500: Intel BIOS vulnerability CVE-2024-23599

Security Advisory Description Race condition in Seamless Firmware Updates for some IntelR reference platforms may allow a privileged user to potentially enable denial of service via local access. CVE-2024-23599 Impact Attackers may exploit this vulnerability to enable privilege escalation via loc...

8.3CVSS7AI score0.00123EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2024/09/12 2:53 a.m.•44 views

K000141045: OpenSSH vulnerability CVE-2024-39894

Security Advisory Description OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry e.g., for su and Sudo because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur. CVE-2024-39894 Impact There...

7.5CVSS6.2AI score0.01634EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/09/02 8:43 a.m.•44 views

K000140910: MySQL Server vulnerability CVE-2024-21177

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...

6.5CVSS6.3AI score0.0076EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/07/31 7:4 p.m.•44 views

K000140528: BIND vulnerability CVE-2024-0760

Security Advisory Description A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions...

7.5CVSS8.1AI score0.0468EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/07/22 10:18 p.m.•44 views

K000140405: Multiple OpenJDK vulnerabilities

Security Advisory Description CVE-2024-21147 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1;...

7.4CVSS5.8AI score0.01257EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/05/29 1:32 p.m.•44 views

K000139609: NGINX HTTP/3 QUIC vulnerability CVE-2024-32760

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause other potential impact. CVE-2024-32760 Note : This issue affects NGINX systems compiled with the...

6.5CVSS7.2AI score0.00848EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2024/05/29 2:39 a.m.•44 views

K000139810: Oracle Java vulnerability CVE-2024-20919

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK:...

5.9CVSS5.4AI score0.00792EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/05/10 8:34 a.m.•44 views

K000139570: UNIX CPIO vulnerability CVE-2023-7216

Security Advisory Description A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended...

5.3CVSS5.5AI score0.00899EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/05/08 1:15 p.m.•44 views

K000138636: BIG-IP Configuration utility XSS vulnerability CVE-2024-31156

Security Advisory Description A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. CVE-2024-31156 Impact An authenticated attacker may exploit thi...

8CVSS5.5AI score0.00582EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2024/03/05 4:10 a.m.•44 views

K000138814: OpenLDAP vulnerability CVE-2023-2953

Security Advisory Description A vulnerability was found in openldap. This security flaw causes a null pointer dereference in bermemallocx function. CVE-2023-2953. Impact This vulnerability may result in low system memory leading to failure in LDAP authentication. Security Advisory Status F5 Produ...

7.5CVSS6.7AI score0.01947EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2024/02/15 7:15 p.m.•44 views

K000138629: Python vulnerability CVE-2022-48560

Security Advisory Description A use-after-free exists in Python through 3.9 via heappushpop in heapq. CVE-2022-48560 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for...

7.5CVSS7.6AI score0.0177EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/02/14 1:14 p.m.•44 views

K32544615: BIG-IP iControl REST API vulnerability CVE-2024-22389

Security Advisory Description When BIG-IP is deployed in high availability HA and an iControl REST API token is updated, the change does not sync to the peer device. CVE-2024-22389 Impact This vulnerability may allow a high privileged remote authenticated attacker to use deleted or updated API...

7.2CVSS6.9AI score0.00497EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2024/02/07 5:6 a.m.•44 views

K000138511: Linux kernel vulnerability CVE-2023-38427

Security Advisory Description An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts. CVE-2023-38427 Impact There is no impact; F5 products are not affected by this vulnerability. Security...

9.8CVSS6.5AI score0.01139EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/12/19 5:43 p.m.•44 views

K000137965: Apache Tomcat vulnerability CVE-2023-45648

Security Advisory Description Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid...

5.3CVSS7.8AI score0.05848EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/10/26 4:27 p.m.•44 views

K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747

Security Advisory Description Undisclosed requests may bypass Configuration utility authentication. CVE-2023-46747 Impact This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary...

9.8CVSS10AI score0.96515EPSS
Exploits17Affected Software12
F5 Networks
F5 Networks
•added 2023/09/12 4:54 p.m.•44 views

K000136168: Intel BIOS firmware vulnerabilities CVE-2022-44611 and CVE-2022-27879

Security Advisory Description CVE-2022-44611 Improper input validation in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. CVE-2022-27879 Improper buffer restrictions in the BIOS firmware for some IntelR...

8CVSS6.1AI score0.00348EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/04/28 6:27 p.m.•44 views

K000133706: OpenSSL vulnerability CVE-2023-0464

Security Advisory Description A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain th...

7.5CVSS6.9AI score0.03658EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•44 views

K15423: GNU Libtasn1 vulnerabilities CVE-2014-3467 and CVE-2014-3468

Security Advisory Description GNU Libtasn1 has been cited with the following vulnerabilities, which may be exploitable on some F5 products: CVE-2014-3467 Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnutTLS, allow remote attackers to cause a denia...

7.5CVSS6.8AI score0.068EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•44 views

K94778122: tcpdump vulnerabilities CVE-2016-7985, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, and CVE-2016-8575

Security Advisory Description CVE-2016-7985 The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calmfastprint. CVE-2016-7992 The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cipifprint. CVE-2016-7993 A bug in...

9.8CVSS8.8AI score0.05504EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•44 views

K4207: Buffer overflow in mod_include - CAN-2004-0940

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

6.2AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•44 views

K87235248: ImageMagick vulnerability CVE-2020-29599

Security Advisory Description ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject...

7.8CVSS7.5AI score0.07508EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•44 views

K40264570: Java SE vulnerabilities CVE-2019-2987, CVE-2019-2988, and CVE-2019-2992

Security Advisory Description CVE-2019-2987 Vulnerability in the Java SE product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

4.3CVSS5AI score0.03467EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•44 views

K75540265: BIG-IP APM ACL bypass vulnerability CVE-2021-23016

Security Advisory Description An attacker may be able to bypass APM's internal restrictions and retrieve static content that is hosted within APM by sending specifically crafted requests to an APM Virtual Server. CVE-2021-23016 Impact This vulnerability may allow an attacker to retrieve static...

5.3CVSS5.4AI score0.00833EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•44 views

K70569537: BIG-IP DNS Express vulnerability CVE-2022-41787

Security Advisory Description When the DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with Domain Name System Security Extensions DNSSEC can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-41787 Impact Traffic is disrupted while...

7.5CVSS7.6AI score0.00616EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•44 views

K63771715: Linux kernel vulnerability CVE-2017-7261

Security Advisory Description The vmwsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service ZEROSIZEPTR dereference, and GPF and possibly...

5.5CVSS6AI score0.00366EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•44 views

K39041624: NTP vulnerability CVE-2016-9042

Security Advisory Description An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted...

5.9CVSS6.6AI score0.0396EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•44 views

K62279530: ConfigSync mcpd vulnerability CVE-2017-6161

Security Advisory Description When configuration synchronization ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypt and authenticate connections to mcpd. CVE-2017-6161 Impact This vulnerability may allow remote attackers to...

5.3CVSS5.5AI score0.00971EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:52 p.m.•44 views

K15874: Samba vulnerability CVE-2013-4475

Security Advisory Description Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfsstreamsdepot or vfsstreamsxattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated...

4CVSS8.2AI score0.09017EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:50 p.m.•44 views

K9025: FirePass SNMP DoS vulnerability

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

10CVSS6.3AI score0.6879EPSS
Exploits7
F5 Networks
F5 Networks
•added 2023/02/21 7:49 p.m.•44 views

K17049: PHP vulnerability CVE-2015-4598

Security Advisory Description PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls 1 a DOMDocument save method or 2 t...

7.5CVSS8AI score0.03917EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 7:49 p.m.•44 views

K15561: Kerberos vulnerability CVE-2014-4344

Security Advisory Description The accctxcont function in the SPNEGO acceptor in lib/gssapi/spnego/spnegomech.c in MIT Kerberos 5 aka krb5 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty continuatio...

7.8CVSS7.8AI score0.06614EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/02/21 7:37 p.m.•44 views

K17330: GnuTLS vulnerability CVE-2015-3308

Security Advisory Description Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point. CVE-2015-3308 Impact A remote attacker may be able to cause a...

7.5CVSS8AI score0.03921EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:36 p.m.•44 views

K5576: Authentication vulnerability in Apache mod_digest - CAN-2003-0987

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

7.5CVSS6.3AI score0.05562EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:36 p.m.•44 views

K16596: Privilege escalation vulnerability CVE-2014-3215

Security Advisory Description seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges ...

6.9CVSS5.9AI score0.00357EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:33 p.m.•44 views

K28507582: PHP vulnerability CVE-2017-12933

Security Advisory Description The finishnesteddata function in ext/standard/varunserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the...

9.8CVSS7.5AI score0.0694EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:30 p.m.•44 views

K4743: Inadequate validation for TCP segments CVE-2005-0356

Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

5CVSS6.3AI score0.83284EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:29 p.m.•44 views

K14261: OpenSSL OCSP vulnerability CVE-2013-0166

Security Advisory Description OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for Online Certificate Status Protocol OCSP responses, which allow remote attackers to cause a denial-of-service DoS NULL pointer dereference and...

8AI score
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:29 p.m.•44 views

K15721: GnuTLS vulnerability CVE-2013-1619

Security Advisory Description The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to...

4CVSS6.8AI score0.0644EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:28 p.m.•44 views

K16389: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2013-5908 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling. CVE-2014-0401 Unspecifie...

4CVSS5.7AI score0.0467EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:26 p.m.•44 views

K8186: Cross-site scripting vulnerability in Apache mod_imap CVE-2007-5000

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

4.3CVSS7.4AI score0.46603EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:6 p.m.•44 views

K89096577: LibTIFF vulnerabilities CVE-2016-5314 and CVE-2015-8784

Security Advisory Description CVE-2016-5314 Buffer overflow in the PixarLogDecode function in tifpixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by...

8.8CVSS8.6AI score0.04653EPSS
Exploits1Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 7:5 p.m.•44 views

K34958244: PHP vulnerability CVE-2016-3074

Security Advisory Description Integer signedness error in GD Graphics Library 2.1.1 aka libgd or libgd2 allows remote attackers to cause a denial of service crash or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow. CVE-2016-3074 Impa...

9.8CVSS9.3AI score0.36974EPSS
Exploits8Affected Software7
F5 Networks
F5 Networks
•added 2023/02/21 7:4 p.m.•44 views

K05918709: PHP vulnerability CVE-2016-7479

Security Advisory Description In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. CVE-2016-7479 Impact There is no impact; F5...

9.8CVSS9.3AI score0.41943EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:4 p.m.•44 views

K15356: OpenSSL vulnerability CVE-2014-0195

Security Advisory Description The dtls1reassemblefragment function in d1both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denia...

6.8CVSS8.6AI score0.99977EPSS
Exploits4Affected Software18
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•44 views

K41827200: MySQL vulnerabilities CVE-2018-2562, CVE-2018-2573, CVE-2018-2576, CVE-2018-2583, and CVE-2018-2590

Security Advisory Description CVE-2018-2562 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server : Partition. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attack...

7.5CVSS6.5AI score0.03389EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•44 views

K59836191: GnuTLS vulnerabilities CVE-2017-5335, CVE-2017-5336, and CVE-2017-5337

Security Advisory Description CVE-2017-5335 The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service out-of-memory error and crash via a crafted OpenPGP certificate. CVE-2017-5336 Stack-based buffe...

9.8CVSS9.5AI score0.08009EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•44 views

K30737254: Linux kernel vulnerability CVE-2017-2671

Security Advisory Description The pingunhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service panic by leveraging...

5.5CVSS6.2AI score0.01463EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•44 views

K15439: Samba vulnerability CVE-2014-0244

Security Advisory Description The sysrecvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a malformed UDP packet. CVE-2014-0244 Impact None. No F5 products are...

3.3CVSS7.7AI score0.20481EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•44 views

K13231: PHP vulnerability CVE-2009-2626

Security Advisory Description In PHP 5.3.0 and PHP 5.2.10 and earlier, the zendrestoreinientrycb function in zendini.c allows context-specific attackers to obtain sensitive information memory contents and causes PHP to fail by using the iniset function to declare a variable, and then using the...

6.3AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•45 views

K61968355: Linux kernel vulnerability CVE-2017-7374

Security Advisory Description Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service NULL pointer dereference or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing...

7.8CVSS6.2AI score0.00799EPSS
Exploits0
Total number of security vulnerabilities5000