Kernel@* Security Vulnerabilities and Issues — Kernel@* CVE List

Lucene search

LinuxKernel*

12 matches found

CVE•added 2022/09/01 9:15 p.m.•323 views

CVE-2022-1729

A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.

7CVSS7.3AI score0.00102EPSS

CVE•added 2022/08/31 4:15 p.m.•301 views

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an ou...

7CVSS6.9AI score0.00018EPSS

CVE•added 2022/10/25 5:15 p.m.•230 views

CVE-2022-3344

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

5.5CVSS5.9AI score0.00013EPSS

CVE•added 2022/09/27 11:15 p.m.•197 views

CVE-2022-3303

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a deni...

4.7CVSS5.7AI score0.00024EPSS

CVE•added 2022/08/23 4:15 p.m.•180 views

CVE-2021-3764

A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.

5.5CVSS6.2AI score0.00019EPSS

CVE•added 2022/10/19 6:15 p.m.•176 views

CVE-2022-3586

A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, caus...

5.5CVSS6.4AI score0.00091EPSS

CVE•added 2022/08/31 4:15 p.m.•152 views

CVE-2022-1974

A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.

4.1CVSS5.2AI score0.00017EPSS

CVE•added 2022/09/14 9:15 p.m.•143 views

CVE-2022-2977

A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the syste...

7.8CVSS7.2AI score0.00021EPSS

CVE•added 2022/08/31 4:15 p.m.•125 views

CVE-2022-1975

There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.

5.5CVSS5.8AI score0.0002EPSS

CVE•added 2022/08/31 4:15 p.m.•72 views

CVE-2022-2590

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system.

7CVSS6.6AI score0.00304EPSS

CVE•added 2022/04/18 5:15 p.m.•65 views

CVE-2011-4917

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.

5.5CVSS5.2AI score0.00052EPSS

CVE•added 2022/07/12 9:15 p.m.•50 views

CVE-2011-4916

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

5.5CVSS5.3AI score0.00092EPSS