Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2004/09/01 4:0 a.m.56 views

CVE-2001-1391

Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory.

5.5CVSS5.2AI score0.00087EPSS
CVE
CVE
added 2004/12/23 5:0 a.m.56 views

CVE-2004-0816

Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.

7.5CVSS7.3AI score0.07792EPSS
CVE
CVE
added 2005/01/27 5:0 a.m.56 views

CVE-2004-0887

SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges.

7.2CVSS7.4AI score0.00047EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.56 views

CVE-2004-1333

Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.

2.1CVSS7.1AI score0.0023EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.56 views

CVE-2005-0530

Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.

2.1CVSS5AI score0.00068EPSS
CVE
CVE
added 2005/06/16 4:0 a.m.56 views

CVE-2005-1265

The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).

2.1CVSS7AI score0.00063EPSS
CVE
CVE
added 2005/09/14 7:3 p.m.56 views

CVE-2005-1913

The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist.

2.1CVSS7AI score0.00063EPSS
CVE
CVE
added 2005/08/08 4:0 a.m.56 views

CVE-2005-2500

Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol.

7.5CVSS7.9AI score0.02584EPSS
CVE
CVE
added 2005/12/14 7:3 p.m.56 views

CVE-2005-3358

Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.

4.9CVSS4.4AI score0.00185EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.56 views

CVE-2005-3807

Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already be...

4.9CVSS6AI score0.00147EPSS
CVE
CVE
added 2006/01/06 11:3 a.m.56 views

CVE-2006-0095

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.

2.1CVSS4.8AI score0.00132EPSS
CVE
CVE
added 2006/03/12 9:2 p.m.56 views

CVE-2006-0557

sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors.

4.9CVSS6.1AI score0.00079EPSS
CVE
CVE
added 2006/05/18 7:6 p.m.56 views

CVE-2006-1855

choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process.

2.1CVSS6.9AI score0.00089EPSS
CVE
CVE
added 2006/04/27 5:6 p.m.56 views

CVE-2006-2071

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs.

2.1CVSS7.2AI score0.00107EPSS
CVE
CVE
added 2006/06/30 9:5 p.m.56 views

CVE-2006-2934

SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to derefer...

5CVSS7.1AI score0.23284EPSS
CVE
CVE
added 2007/03/12 11:19 p.m.56 views

CVE-2007-1000

The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.

7.2CVSS5.7AI score0.00221EPSS
CVE
CVE
added 2007/05/29 8:30 p.m.56 views

CVE-2007-2451

Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.

5CVSS5.6AI score0.00858EPSS
CVE
CVE
added 2007/10/23 10:46 a.m.56 views

CVE-2007-3850

The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space.

1.9CVSS5.5AI score0.00056EPSS
CVE
CVE
added 2007/08/13 9:17 p.m.56 views

CVE-2007-4311

The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof o...

6.8CVSS6.1AI score0.00606EPSS
CVE
CVE
added 2008/01/31 9:0 p.m.56 views

CVE-2007-4998

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.

6.9CVSS6.5AI score0.00027EPSS
CVE
CVE
added 2008/09/03 2:12 p.m.56 views

CVE-2008-3792

net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereferen...

7.1CVSS5AI score0.0444EPSS
CVE
CVE
added 2008/09/16 11:0 p.m.56 views

CVE-2008-4113

The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows ...

4.7CVSS4.7AI score0.00179EPSS
CVE
CVE
added 2012/06/13 10:24 a.m.56 views

CVE-2011-2211

The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform uses an incorrect pointer, which allows local users to gain privileges by writing a certain integer value to kernel memory.

7.2CVSS8.4AI score0.00047EPSS
CVE
CVE
added 2013/04/05 9:55 p.m.56 views

CVE-2013-1858

The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child proc...

7.2CVSS6.6AI score0.01201EPSS
CVE
CVE
added 2013/05/03 11:57 a.m.56 views

CVE-2013-1959

kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.

3.7CVSS6.2AI score0.01052EPSS
CVE
CVE
added 2013/04/22 11:41 a.m.56 views

CVE-2013-3226

The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

4.9CVSS5.5AI score0.00058EPSS
CVE
CVE
added 2014/04/14 11:55 p.m.56 views

CVE-2014-2739

The cma_req_handler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet (aka RoCE) address that is properly resolved within a different module, which allows remote attackers to cause a denial of service (incorrect p...

4.6CVSS6.7AI score0.00379EPSS
CVE
CVE
added 2014/12/12 11:59 a.m.56 views

CVE-2014-4323

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows a...

7.5CVSS6.8AI score0.01657EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.56 views

CVE-2014-6417

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket.

7.8CVSS7.6AI score0.05588EPSS
CVE
CVE
added 2014/10/13 10:55 a.m.56 views

CVE-2014-7284

The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by...

6.4CVSS5AI score0.01011EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.56 views

CVE-2017-0404

An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3....

7.6CVSS6.5AI score0.00327EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.56 views

CVE-2017-0537

An information disclosure vulnerability in the kernel USB gadget driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. A...

4.7CVSS4.2AI score0.00283EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.56 views

CVE-2017-0579

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.9AI score0.00254EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.56 views

CVE-2017-0584

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kern...

4.7CVSS4.4AI score0.00223EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.56 views

CVE-2017-0620

An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Ver...

7.6CVSS6.6AI score0.00052EPSS
CVE
CVE
added 2017/04/23 5:59 a.m.56 views

CVE-2017-8063

drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact by leveraging use of more than one virtual pa...

7.8CVSS8.1AI score0.00101EPSS
CVE
CVE
added 2019/04/30 6:29 p.m.56 views

CVE-2018-20509

The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.

5.5CVSS4.9AI score0.00057EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.56 views

CVE-2021-47127

In the Linux kernel, the following vulnerability has been resolved: ice: track AF_XDP ZC enabled queues in bitmap Commit c7a219048e45 ("ice: Remove xsk_buff_pool from VSI structure")silently introduced a regression and broke the Tx side of AF_XDP in copymode. xsk_pool on ice_ring is set only based ...

5.5CVSS6.2AI score0.00017EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.56 views

CVE-2021-47130

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix freeing unallocated p2pmem In case p2p device was found but the p2p pool is empty, the nvme targetis still trying to free the sgl from the p2p pool instead of theregular sgl pool and causing a crash (BUG() is called). In...

4.4CVSS5.4AI score0.00008EPSS
CVE
CVE
added 2024/03/25 9:15 a.m.56 views

CVE-2021-47147

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix a resource leak in an error handling path If an error occurs after a successful 'pci_ioremap_bar()' call, it must beundone by a corresponding 'pci_iounmap()' call, as already done in theremove function.

6.2CVSS6.1AI score0.00018EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.56 views

CVE-2021-47184

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters.Added new I40E_VSI_RELEASING flag to signalize deleting and releasingof VSI resources to sync this thread with sync...

5.5CVSS6.1AI score0.00008EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.56 views

CVE-2021-47190

In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perf_env__insert_btf() perf_env__insert_btf() doesn't insert if a duplicate BTF id isencountered and this causes a memory leak. Modify the function to returna success/error value and then free the m...

5.5CVSS6.6AI score0.0001EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.56 views

CVE-2021-47196

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Set send and receive CQ before forwarding to the driver Preset both receive and send CQ pointers prior to call to the drivers andoverwrite it later again till the mlx4 is going to be changed do notoverwrite ibqp properti...

7.8CVSS6.3AI score0.00014EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.56 views

CVE-2021-47272

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3_gadget_exit() if dwc->gadget is NULL There exists a possible scenario in which dwc3_gadget_init() can fail:during during host -> peripheral mode switch in dwc3_set_mode(), anda pending gadget...

5.5CVSS6.5AI score0.00021EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.56 views

CVE-2021-47317

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: Fix detecting BPF atomic instructions Commit 91c960b0056672 ("bpf: Rename BPF_XADD and prepare to encode otheratomics in .imm") converted BPF_XADD to BPF_ATOMIC and added a way todistinguish instructions based on the i...

3.3CVSS6.7AI score0.00074EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.56 views

CVE-2021-47503

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc() Calling scsi_remove_host() before scsi_add_host() results in a crash: BUG: kernel NULL pointer dereference, address: 0000000000000108RIP: 0010:device_del+0x63/0x440Call...

6.2CVSS7.2AI score0.00018EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.56 views

CVE-2021-47523

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr This buffer is currently allocated in hfi1_init(): if (reinit) ret = init_after_reset(dd); else ret = loadtime_init(dd); if (ret) goto done; /* allocate dummy tail memory for all receive...

6.9AI score0.00021EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.56 views

CVE-2021-47529

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Fix memory leaks in error handling path Should an error occur (invalid TLV len or memory allocation failure), thememory already allocated in 'reduce_power_data' should be freed beforereturning, otherwise it is leaking.

5.5CVSS7AI score0.0002EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.56 views

CVE-2021-47567

In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fix hardlockup on vmap stack overflow Since the commit c118c7303ad5 ("powerpc/32: Fix vmap stack - Do notactivate MMU before reading task struct") a vmap stack overflowresults in a hard lockup. This is because emergency...

6.4AI score0.00084EPSS
CVE
CVE
added 2025/04/17 6:15 p.m.56 views

CVE-2021-47669

In the Linux kernel, the following vulnerability has been resolved: can: vxcan: vxcan_xmit: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe.Especially, the canfd_frame cfd which aliases skb memory is accessedafter the netif_rx_ni().

7.8CVSS6.7AI score0.00018EPSS
Total number of security vulnerabilities10741