Kernel Security Vulnerabilities and Issues — Kernel CVE List

Lucene search

LinuxKernel

11 matches found

CVE•added 2022/10/25 5:15 p.m.•230 views

CVE-2022-3344

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

5.5CVSS5.9AI score0.00013EPSS

CVE•added 2021/05/10 7:15 p.m.•224 views

CVE-2020-28588

An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0) and is still present in v5.10-rc4, so it’s likely that all ver...

5.5CVSS5.6AI score0.00059EPSS

CVE•added 2022/08/23 4:15 p.m.•179 views

CVE-2021-3764

A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.

5.5CVSS6.2AI score0.00019EPSS

CVE•added 2022/10/19 6:15 p.m.•176 views

CVE-2022-3586

A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, caus...

5.5CVSS6.4AI score0.00091EPSS

CVE•added 2022/08/31 4:15 p.m.•125 views

CVE-2022-1975

There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.

5.5CVSS5.8AI score0.0002EPSS

CVE•added 2020/02/20 4:15 a.m.•104 views

CVE-2011-2498

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

5.5CVSS5.6AI score0.0006EPSS

CVE•added 2020/02/20 6:15 p.m.•80 views

CVE-2011-4915

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

5.5CVSS5.2AI score0.0008EPSS

CVE•added 2023/03/24 10:15 p.m.•80 views

CVE-2023-1583

A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When fixed files are unregistered, some context information (file_alloc_{start,end} and alloc_hint) is not cleared. A subsequent request that has auto index selectio...

5.5CVSS5.3AI score0.00015EPSS

CVE•added 2023/06/20 8:15 p.m.•73 views

CVE-2023-3220

An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference.

5.5CVSS5.8AI score0.00018EPSS

CVE•added 2022/04/18 5:15 p.m.•65 views

CVE-2011-4917

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.

5.5CVSS5.2AI score0.00052EPSS

CVE•added 2022/07/12 9:15 p.m.•50 views

CVE-2011-4916

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

5.5CVSS5.3AI score0.00092EPSS