Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2005/03/14 5:0 a.m.63 views

CVE-2005-0504

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.

4.6CVSS5.9AI score0.00148EPSS
CVE
CVE
added 2005/11/20 10:3 p.m.63 views

CVE-2005-2709

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function po...

4.6CVSS4.8AI score0.00219EPSS
CVE
CVE
added 2005/10/18 10:2 p.m.63 views

CVE-2005-3257

The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.

4.6CVSS5.1AI score0.00385EPSS
CVE
CVE
added 2006/05/18 7:6 p.m.63 views

CVE-2006-1528

Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.

4.9CVSS6.9AI score0.00089EPSS
CVE
CVE
added 2006/04/25 10:2 p.m.63 views

CVE-2006-1863

Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1864.

2.1CVSS7.2AI score0.00411EPSS
CVE
CVE
added 2006/11/09 11:7 a.m.63 views

CVE-2006-5823

The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.

4CVSS6.9AI score0.00101EPSS
CVE
CVE
added 2006/12/19 7:28 p.m.63 views

CVE-2006-6106

Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via C...

7.5CVSS7.8AI score0.0338EPSS
CVE
CVE
added 2007/05/03 5:19 p.m.63 views

CVE-2007-2480

The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applicati...

4.6CVSS6.3AI score0.00137EPSS
CVE
CVE
added 2007/05/08 11:19 p.m.63 views

CVE-2007-2525

Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.

4.9CVSS6.9AI score0.00088EPSS
CVE
CVE
added 2007/07/12 4:30 p.m.63 views

CVE-2007-3719

The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

2.1CVSS6AI score0.00059EPSS
CVE
CVE
added 2007/11/09 6:46 p.m.63 views

CVE-2007-5904

Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.

6.8CVSS7.4AI score0.01972EPSS
CVE
CVE
added 2008/05/29 4:32 p.m.63 views

CVE-2008-2137

The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, w...

4.4CVSS5.8AI score0.00088EPSS
CVE
CVE
added 2009/07/20 5:30 p.m.63 views

CVE-2009-1897

The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a differen...

6.9CVSS7.1AI score0.03337EPSS
CVE
CVE
added 2010/03/19 7:30 p.m.63 views

CVE-2009-4271

The Linux kernel 2.6.9 through 2.6.17 on the x86_64 and amd64 platforms allows local users to cause a denial of service (panic) via a 32-bit application that calls mprotect on its Virtual Dynamic Shared Object (VDSO) page and then triggers a segmentation fault.

4.7CVSS5.8AI score0.00047EPSS
CVE
CVE
added 2010/06/08 12:30 a.m.63 views

CVE-2010-1636

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only f...

2.1CVSS6.4AI score0.00244EPSS
CVE
CVE
added 2011/04/10 2:51 a.m.63 views

CVE-2011-0463

The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized...

2.1CVSS7.3AI score0.00085EPSS
CVE
CVE
added 2012/06/13 10:24 a.m.63 views

CVE-2011-1759

Integer overflow in the sys_oabi_semtimedop function in arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 2.6.39 on the ARM platform, when CONFIG_OABI_COMPAT is enabled, allows local users to gain privileges or cause a denial of service (heap memory corruption) by providing a crafted arg...

6.2CVSS6.6AI score0.00182EPSS
CVE
CVE
added 2011/09/06 4:55 p.m.63 views

CVE-2011-2184

The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYC...

7.2CVSS7.5AI score0.001EPSS
CVE
CVE
added 2012/05/24 11:55 p.m.63 views

CVE-2011-2898

net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.

5.5CVSS4.8AI score0.00078EPSS
CVE
CVE
added 2013/06/08 1:5 p.m.63 views

CVE-2011-2942

A certain Red Hat patch to the __br_deliver function in net/bridge/br_forward.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging co...

6.8CVSS8.3AI score0.00342EPSS
CVE
CVE
added 2012/05/17 11:0 a.m.63 views

CVE-2011-4594

The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference.

5.5CVSS5.6AI score0.00171EPSS
CVE
CVE
added 2012/05/17 11:0 a.m.63 views

CVE-2011-4611

Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors that trigger certain outcomes of performance events.

4.9CVSS6.2AI score0.00048EPSS
CVE
CVE
added 2013/01/22 11:55 p.m.63 views

CVE-2012-2119

Buffer overflow in the macvtap device driver in the Linux kernel before 3.4.5, when running in certain configurations, allows privileged KVM guest users to cause a denial of service (crash) via a long descriptor with a long vector length.

5.2CVSS6.9AI score0.00244EPSS
CVE
CVE
added 2013/03/15 8:55 p.m.63 views

CVE-2012-6541

The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

1.9CVSS6.1AI score0.00056EPSS
CVE
CVE
added 2013/03/15 8:55 p.m.63 views

CVE-2012-6546

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

1.9CVSS5.4AI score0.00032EPSS
CVE
CVE
added 2013/03/15 8:55 p.m.63 views

CVE-2013-2548

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_N...

2.1CVSS5.3AI score0.00074EPSS
CVE
CVE
added 2014/08/01 11:13 a.m.63 views

CVE-2014-5045

The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free)...

6.2CVSS6.4AI score0.00029EPSS
CVE
CVE
added 2016/08/06 10:59 a.m.63 views

CVE-2014-9888

arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 a...

7.8CVSS7AI score0.00044EPSS
CVE
CVE
added 2016/12/08 5:59 p.m.63 views

CVE-2016-9919

The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.

7.8CVSS6.8AI score0.02704EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.63 views

CVE-2017-0569

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.9AI score0.02192EPSS
CVE
CVE
added 2018/10/08 10:29 p.m.63 views

CVE-2018-14656

A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log.

7CVSS5.2AI score0.00094EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.63 views

CVE-2019-18812

A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.

7.8CVSS7.5AI score0.00554EPSS
CVE
CVE
added 2020/09/10 2:15 p.m.63 views

CVE-2020-25221

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit p...

7.8CVSS7.5AI score0.00193EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.63 views

CVE-2021-47114

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is inthe middle of last cluster, then the part from isize to the end of thecluster will be zeroed with buffer write, at that ...

5.5CVSS6.4AI score0.00007EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.63 views

CVE-2021-47159

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix a crash if ->get_sset_count() fails If ds->ops->get_sset_count() fails then it "count" is a negative errorcode such as -EOPNOTSUPP. Because "i" is an unsigned int, the negativeerror code is type promoted to a...

5.5CVSS6.7AI score0.00006EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.63 views

CVE-2021-47175

In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 tc qdisc add dev eth0 clsact tc filter add dev eth0 egress matchall action skbedit priority 0x10002 pi...

7.1CVSS6.7AI score0.00011EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.63 views

CVE-2021-47214

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if webail out using "goto out_release_unlock;" in the cases where idx >=size, or !huge_pte_none(...

5.5CVSS6.6AI score0.0001EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.63 views

CVE-2021-47218

In the Linux kernel, the following vulnerability has been resolved: selinux: fix NULL-pointer dereference when hashtab allocation fails When the hash table slot array allocation fails in hashtab_init(),h->size is left initialized with a non-zero value, but the h->htablepointer is NULL. This m...

5.5CVSS6.5AI score0.00011EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47223

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix vlan tunnel dst null pointer dereference This patch fixes a tunnel_dst null pointer dereference due to locklessaccess in the tunnel egress path. When deleting a vlan tunnel thetunnel_dst pointer is set to NULL with...

5.5CVSS6.6AI score0.0001EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47228

In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers require memory that is marked as EFI boot servicesdata. In order for this memory to not be re-used by the kernelafter ExitBootServices(), efi_mem_reserve() is u...

6.2CVSS7.2AI score0.00011EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47232

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found by the syzbot. The problem is that a skb is taken from the per-session skb queue,without incrementing the ref count. This leads to a ...

8.4CVSS8.1AI score0.00017EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47256

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: make sure wait for page writeback in memory_failure Our syzkaller trigger the "BUG_ON(!list_empty(&inode->i_wb_list))" inclear_inode: kernel BUG at fs/inode.c:519!Internal error: Oops - BUG: 0 [#1] SMPModules ...

5.5CVSS6.5AI score0.00017EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47262

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message Use the __string() machinery provided by the tracing subystem to make acopy of the string literals consumed by the "nested VM-Enter failed"tracepoint. A complet...

7.1CVSS6.8AI score0.00054EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47263

In the Linux kernel, the following vulnerability has been resolved: gpio: wcd934x: Fix shift-out-of-bounds error bit-mask for pins 0 to 4 is BIT(0) to BIT(4) however we ended up with BIT(n - 1)which is not right, and this was caught by below usban check UBSAN: shift-out-of-bounds in drivers/gpio/gp...

5.5CVSS6.7AI score0.00011EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47276

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used forupdating into a nop in ftrace_init(), but the error path (rightfully)returned -EINVAL and not -EFA...

5.5CVSS6.5AI score0.00008EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47277

In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physicaladdress (gpa) to a host virtual address using the right-shifted gpa(also known as gfn) an...

7.1CVSS6.3AI score0.0001EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47295

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_partial_destroy_work Syzbot reported memory leak in tcindex_set_parms(). The problem was innon-freed perfect hash in tcindex_partial_destroy_work(). In tcindex_set_parms() new tcindex_data is ...

7.5CVSS7.2AI score0.00179EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47334

In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one In ibmasm_init_one, it calls ibmasm_init_remote_input_dev().Inside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev areallocated by input_allocate_device(), and as...

7.8CVSS6.9AI score0.00023EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47343

In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign new_root only when removal succeeds remove_raw() in dm_btree_remove() may fail due to IO read error(e.g. read the content of origin block fails during shadowing),and the value of shadow_spine::root is uninit...

5.5CVSS6.4AI score0.00009EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47346

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etf: Fix global-out-of-bounds in tmc_update_etf_buffer() commit 6f755e85c332 ("coresight: Add helper for inserting synchronizationpackets") removed trailing '\0' from barrier_pkt array and updated thecall sites like ...

7.1CVSS6.6AI score0.00022EPSS
Total number of security vulnerabilities10741