Linux Kernel Security Vulnerabilities and Issues — Page 150 of Linux Kernel CVE List

7.6CVSS6.8AI score0.00198EPSS

CVE-2016-6755

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3....

4.7CVSS4.5AI score0.00226EPSS

CVE-2016-6756

An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Produc...

4.7CVSS3.9AI score0.00146EPSS

CVE-2016-8401

An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a ...

4.7CVSS4.4AI score0.00193EPSS

CVE-2016-8409

An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Androi...

CVE•added 2017/04/05 2:59 p.m.•48 views

CVE-2017-0327

An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10...

7.6CVSS6.9AI score0.00184EPSS

CVE•added 2017/02/08 3:59 p.m.•48 views

CVE-2017-0444

An elevation of privilege vulnerability in the Realtek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10...

7.6CVSS6.6AI score0.00139EPSS

CVE•added 2017/03/08 1:59 a.m.•48 views

CVE-2017-0463

An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kerne...

7.6CVSS6.6AI score0.00242EPSS

CVE•added 2017/04/23 5:59 a.m.•48 views

CVE-2017-8066

drivers/net/can/usb/gs_usb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.2 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than...

7.8CVSS7.8AI score0.00046EPSS

CVE•added 2022/10/21 6:15 a.m.•48 views

CVE-2022-3630

A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects some unknown processing of the file fs/fscache/cookie.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of t...

5.5CVSS4.5AI score0.00024EPSS

CVE•added 2024/07/16 12:15 p.m.•48 views

CVE-2022-48782

In the Linux kernel, the following vulnerability has been resolved: mctp: fix use after free Clang static analysis reports this problemroute.c:425:4: warning: Use of memory after it is freedtrace_mctp_key_acquire(key);^~~~~~~~~~~~~~~~~~~~~~~~~~~When mctp_key_add() fails, key is freed but then is la...

7.8CVSS7.5AI score0.00036EPSS

CVE•added 2024/10/21 8:15 p.m.•48 views

CVE-2022-48963

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_mux_init() When failed to alloc ipc_mux->ul_adb.pp_qlt in ipc_mux_init(), ipc_muxis not released.

5.5CVSS5.2AI score0.00036EPSS

CVE•added 2025/05/01 3:16 p.m.•48 views

CVE-2022-49899

In the Linux kernel, the following vulnerability has been resolved: fscrypt: stop using keyrings subsystem for fscrypt_master_key The approach of fs/crypto/ internally managing the fscrypt_master_keystructs as the payloads of "struct key" objects contained in a"struct key" keyring has outlived its ...

5.5CVSS6.7AI score0.00053EPSS

CVE•added 2023/09/04 3:15 a.m.•48 views

CVE-2023-20845

In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357.

4.2CVSS4AI score0.00018EPSS

CVE•added 2024/08/21 7:15 a.m.•48 views

CVE-2023-52914

In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to arequest leak. This will eventually stall the ring exit process aswell.

5.5CVSS6.5AI score0.00047EPSS

CVE•added 2024/09/11 4:15 p.m.•48 views

CVE-2024-45024

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlb vs. core-mm PT locking We recently made GUP's common page table walking code to also walk hugetlbVMAs without most hugetlb special-casing, preparing for the future ofhaving less hugetlb-specific page table w...

5.5CVSS5.2AI score0.00036EPSS

CVE•added 2024/09/13 6:15 a.m.•48 views

CVE-2024-46684

In the Linux kernel, the following vulnerability has been resolved: binfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2 is defined create_elf_fdpic_tables() does not correctly account the space for theAUX vector when an architecture has ELF_HWCAP2 defined. Prior to thecommit 10e29251be0e ("...

5.5CVSS5.1AI score0.00036EPSS

CVE•added 2024/09/27 1:15 p.m.•48 views

CVE-2024-46837

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on group_create We were allowing any users to create a high priority group without anypermission checks. As a result, this was allowing possible denial ofservice. We now only allow the DRM mast...

5.5CVSS5.3AI score0.00036EPSS

CVE•added 2024/12/27 3:15 p.m.•48 views

CVE-2024-56668

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix qi_batch NULL pointer with nested parent domain The qi_batch is allocated when assigning cache tag for a domain. Whilefor nested parent domain, it is missed. Hence, when trying to map pagesto the nested parent, NULL...

5.5CVSS6.3AI score0.0003EPSS

CVE•added 2025/01/19 12:15 p.m.•48 views

CVE-2024-57905

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from atriggered buffer, but it has a hole between the sample (unsigned int)and the timestamp. This hole is ne...

7.1CVSS6AI score0.0003EPSS

CVE•added 2025/02/27 2:15 a.m.•48 views

CVE-2024-57988

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure,but thisreturned value in btbcm_get_board_name() is not checked.Add NULL check in btbcm_get_board_name(), to handle kern...

5.5CVSS6.3AI score0.00022EPSS

CVE•added 2000/01/04 5:0 a.m.•47 views

CVE-1999-0804

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

5CVSS7AI score0.03718EPSS

CVE•added 2004/09/01 4:0 a.m.•47 views

CVE-2001-0907

Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link.

2.1CVSS6.1AI score0.00224EPSS

CVE•added 2002/08/31 4:0 a.m.•47 views

CVE-2001-1399

Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86."

2.1CVSS5.3AI score0.00137EPSS

CVE•added 2003/08/27 4:0 a.m.•47 views

CVE-2003-0187

The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter ...

5CVSS6.7AI score0.00655EPSS

CVE•added 2005/05/02 4:0 a.m.•47 views

CVE-2005-0916

AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes exit_aio and is_hugepage_...

2.1CVSS5.1AI score0.00146EPSS

CVE•added 2005/11/22 8:3 p.m.•47 views

CVE-2005-3753

Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker.

7.8CVSS6.5AI score0.00392EPSS

CVE•added 2009/09/02 5:30 p.m.•47 views

CVE-2009-3043

The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonst...

4.9CVSS6.9AI score0.00128EPSS

CVE•added 2009/10/30 8:30 p.m.•47 views

CVE-2009-3623

The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 subsystem in the Linux kernel before 2.6.31.2 attempts to access a credentials cache even when a client specifies the AUTH_NULL authentication flavor, which allows remote attackers to cause a denial of service (NULL pointer derefere...

7.8CVSS7.3AI score0.01408EPSS

CVE•added 2009/11/16 7:30 p.m.•47 views

CVE-2009-3888

The do_mmap_pgoff function in mm/nommu.c in the Linux kernel before 2.6.31.6, when the CPU lacks a memory management unit, allows local users to cause a denial of service (OOPS) via an application that attempts to allocate a large amount of memory.

4.9CVSS7AI score0.00122EPSS

CVE•added 2017/01/12 3:59 p.m.•47 views

CVE-2016-6780

An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3....

7.6CVSS6.8AI score0.00151EPSS

CVE•added 2017/01/12 3:59 p.m.•47 views

CVE-2016-8402

4.7CVSS3.9AI score0.00146EPSS

CVE•added 2017/01/12 8:59 p.m.•47 views

CVE-2016-8465

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platfor...

7.6CVSS7.6AI score0.00435EPSS

4.7CVSS4.3AI score0.00279EPSS

CVE-2016-8477

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Ker...

9.3CVSS7.2AI score0.0024EPSS

CVE-2017-0306

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the ope...

CVE•added 2017/04/05 2:59 p.m.•47 views

CVE-2017-0328

An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Andro...

4.7CVSS5.2AI score0.00223EPSS

9.3CVSS7.2AI score0.00254EPSS

CVE-2017-0338

7.6CVSS6.6AI score0.00279EPSS

CVE-2017-0432

An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. And...

CVE-2017-0434

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This issue is rated as High because it first requires compromising a privileged process. Product: Android. ...

7.6CVSS6.6AI score0.00145EPSS

CVE-2017-0435

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

CVE-2017-0437

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

CVE-2017-0441

CVE-2017-0442