Linux Kernel

10926 matches found

added 2001/09/12 4:0 a.m., 59 views

CVE-1999-1018

IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets.

CVSS 7.5 | AI score 7 | EPSS 0.04112

added 2000/10/13 4:0 a.m., 59 views

CVE-2000-0289

IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.

CVSS 5 | AI score 6.7 | EPSS 0.00826

added 2004/03/03 5:0 a.m., 59 views

CVE-2004-0003

Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."

CVSS 4.6 | AI score 5.8 | EPSS 0.00093

added 2005/04/14 4:0 a.m., 59 views

CVE-2004-1237

Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.

CVSS 2.1 | AI score 6.3 | EPSS 0.00058

added 2005/09/30 10:5 a.m., 59 views

CVE-2005-3105

The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito processors does not properly maintain cache coherency as required by the architecture, which allows local users to cause a denial of service and possibly corrupt data by modifying PTE protections.

CVSS 2.1 | AI score 7.3 | EPSS 0.00066

added 2005/09/30 10:5 a.m., 59 views

CVE-2005-3108

mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.

CVSS 2.1 | AI score 5.6 | EPSS 0.00066

added 2006/01/05 11:0 a.m., 59 views

CVE-2005-4618

Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the...

CVSS 3.6 | AI score 5.4 | EPSS 0.00139

added 2006/04/14 9:2 p.m., 59 views

CVE-2006-0558

perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function.

CVSS 4.9 | AI score 5.7 | EPSS 0.00048

added 2006/04/18 10:2 a.m., 59 views

CVE-2006-0744

Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.

CVSS 4.9 | AI score 7.1 | EPSS 0.00106

added 2006/03/21 6:2 p.m., 59 views

CVE-2006-1343

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portio...

CVSS 2.1 | AI score 7 | EPSS 0.00102

added 2006/07/07 6:5 p.m., 59 views

CVE-2006-2451

The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump...

CVSS 4.6 | AI score 6.1 | EPSS 0.06758

added 2006/09/09 12:4 a.m., 59 views

CVE-2006-4663

The source code tar archive of the Linux kernel 2.6.16, 2.6.17.11, and possibly other versions specifies weak permissions (0666 and 0777) for certain files and directories, which might allow local users to insert Trojan horse source code that would be used during the next kernel compilation. NOTE: ...

CVSS 7.8 | AI score 7 | EPSS 0.0004

added 2006/10/10 4:6 a.m., 59 views

CVE-2006-5174

The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that pre...

CVSS 2.1 | AI score 7 | EPSS 0.00064

added 2009/05/05 8:30 p.m., 59 views

CVE-2009-1184

The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass inten...

CVSS 4.4 | AI score 4.2 | EPSS 0.00059

added 2012/05/24 11:55 p.m., 59 views

CVE-2011-2707

The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.

CVSS 6 | AI score 5.8 | EPSS 0.00097

added 2013/02/28 7:55 p.m., 59 views

CVE-2013-1772

The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kmsg write access and triggering a call_console...

CVSS 4 | AI score 6.1 | EPSS 0.00045

added 2013/05/03 11:57 a.m., 59 views

CVE-2013-2017

The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.

CVSS 7.8 | AI score 7 | EPSS 0.00766

added 2013/09/16 1:1 p.m., 59 views

CVE-2013-2891

drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

CVSS 4.7 | AI score 5.7 | EPSS 0.00066

added 2013/04/22 11:41 a.m., 59 views

CVE-2013-3228

The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

CVSS 4.9 | AI score 5.7 | EPSS 0.00075

added 2013/09/25 10:31 a.m., 59 views

CVE-2013-5634

arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service (NULL pointer dereference, OOPS, and host OS crash) or possibly have unspecified other impact by omitting vCPU initialization before a KVM_GET_REG_LIST ioctl c...

CVSS 4.3 | AI score 7.7 | EPSS 0.00175

added 2014/12/12 11:59 a.m., 59 views

CVE-2014-4323

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows a...

CVSS 7.5 | AI score 6.8 | EPSS 0.01657

added 2019/08/19 2:15 a.m., 59 views

CVE-2016-10907

An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755_parse_dt.

CVSS 7.8 | AI score 7.4 | EPSS 0.00089

added 2016/06/13 1:59 a.m., 59 views

CVE-2016-2061

Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafte...

CVSS 7.8 | AI score 7.4 | EPSS 0.00299

added 2017/05/12 3:29 p.m., 59 views

CVE-2017-0627

An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3...

CVSS 4.7 | AI score 4.4 | EPSS 0.00341

added 2017/04/23 5:59 a.m., 59 views

CVE-2017-8067

drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more th...

CVSS 7.8 | AI score 8.1 | EPSS 0.00113

added 2018/11/21 12:29 a.m., 59 views

CVE-2018-19406

kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.

CVSS 5.5 | AI score 6.2 | EPSS 0.00046

added 2022/08/24 4:15 p.m., 59 views

CVE-2021-4218

A flaw was found in the Linux kernel’s implementation of reading the SVC RDMA counters. Reading the counter sysctl panics the system. This flaw allows a local attacker with local access to cause a denial of service while the system reboots. The issue is specific to CentOS/RHEL.

CVSS 5.5 | AI score 5 | EPSS 0.00019

added 2024/03/04 6:15 p.m., 59 views

CVE-2021-47088

In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamond_lock DAMON debugfs interface iterates current monitoring targets in 'dbgfs_target_ids_read()' while holding the corresponding 'kdamond_lock'. However, it also destructs the mo...

CVSS 7 | AI score 6.5 | EPSS 0.00018

added 2024/03/25 9:15 a.m., 59 views

CVE-2021-47140

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Clear DMA ops when switching domain Since commit 08a27c1c3ecf ("iommu: Add support to change default domain of an iommu group") a user can switch a device between IOMMU and direct DMA through sysfs. This doesn't work for A...

CVSS 5.3 | AI score 5 | EPSS 0.00047

added 2024/03/25 9:15 a.m., 59 views

CVE-2021-47151

In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: bcm-voter: add a missing of_node_put() Add a missing of_node_put() in of_bcm_voter_get() to avoid the reference leak.

CVSS 5.5 | AI score 6.6 | EPSS 0.00018

added 2024/03/25 10:15 a.m., 59 views

CVE-2021-47164

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev It could be the lag dev is null so stop processing the event. In bond_enslave() the active/backup slave being set before setting the upper dev so first event is without an upper dev. After s...

CVSS 5.5 | AI score 6 | EPSS 0.00011

added 2024/04/10 7:15 p.m., 59 views

CVE-2021-47184

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40E_VSI_RELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sync...

CVSS 5.5 | AI score 6.1 | EPSS 0.00008

added 2024/04/10 7:15 p.m., 59 views

CVE-2021-47204

In the Linux kernel, the following vulnerability has been resolved: net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove Access to netdev after free_netdev() will cause use-after-free bug. Move debug log before free_netdev() call to avoid it.

CVSS 7.8 | AI score 6.4 | EPSS 0.00015

added 2024/05/21 3:15 p.m., 59 views

CVE-2021-47227

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Prevent state corruption in __fpu__restore_sig() The non-compacted slowpath uses __copy_from_user() and copies the entire user buffer into the kernel buffer, verbatim. This means that the kernel buffer may now contain entire...

CVSS 5.5 | AI score 7.1 | EPSS 0.00011

added 2024/05/21 3:15 p.m., 59 views

CVE-2021-47234

In the Linux kernel, the following vulnerability has been resolved: phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init() Use clk_disable_unprepare() in the error path of mtk_phy_init() to fix some resource leaks.

CVSS 5.5 | AI score 6.6 | EPSS 0.00021

added 2024/05/21 3:15 p.m., 59 views

CVE-2021-47272

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3_gadget_exit() if dwc->gadget is NULL There exists a possible scenario in which dwc3_gadget_init() can fail: during host -> peripheral mode switch in dwc3_set_mode(), and a pending gadget...

CVSS 5.5 | AI score 6.5 | EPSS 0.00021

added 2024/05/21 3:15 p.m., 59 views

CVE-2021-47296

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak vcpu_put is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues.

CVSS 5.5 | AI score 6.9 | EPSS 0.00011

added 2024/05/21 3:15 p.m., 59 views

CVE-2021-47300

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tail_call_reachable rejection for interpreter when jit failed During testing of f263a81451c1 ("bpf: Track subprog poke descriptors correctly and fix use-after-free") under various failure conditions, for example, when jit_su...

CVSS 5.5 | AI score 6.5 | EPSS 0.00096

added 2024/05/22 7:15 a.m., 59 views

CVE-2021-47447

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a3xx: fix error handling in a3xx_gpu_init() These error paths returned 1 on failure, instead of a negative error code. This would lead to an Oops in the caller. A second problem is that the check for "if (ret != -ENODATA)" di...

AI score 6.6 | EPSS 0.00021

added 2024/06/19 3:15 p.m., 59 views

CVE-2021-47605

In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vduse_dev_ioctl() The "config.offset" comes from the user. There needs to be a check to prevent it being out of bounds. The "config.offset" and "dev->config_size" variables are both type u32. So if the...

CVSS 7.8 | AI score 8.5 | EPSS 0.0006

added 2025/02/26 6:37 a.m., 59 views

CVE-2021-47660

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix some memory leaks in an error handling path of 'log_replay()' All error handling paths lead to 'out' where many resources are freed. Do it as well here instead of a direct return, otherwise 'log', 'ra' and 'log->one...

CVSS 5.5 | AI score 5.3 | EPSS 0.00025

added 2025/04/17 6:15 p.m., 59 views

CVE-2021-47669

In the Linux kernel, the following vulnerability has been resolved: can: vxcan: vxcan_xmit: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the canfd_frame cfd which aliases skb memory is accessed after the netif_rx_ni().

CVSS 7.8 | AI score 6.7 | EPSS 0.00023

added 2022/09/23 11:15 a.m., 59 views

CVE-2022-2785

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. W...

CVSS 6.7 | AI score 5.4 | EPSS 0.00018

added 2022/09/26 3:15 p.m., 59 views

CVE-2022-3103

off-by-one in io_uring module.

CVSS 7.8 | AI score 7.5 | EPSS 0.0002

added 2024/04/28 1:15 p.m., 59 views

CVE-2022-48644

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: avoid disabling offload when it was never enabled In an incredibly strange API design decision, qdisc->destroy() gets called even if qdisc->init() never succeeded, not exclusively since commit 87b60cfacf9f ("...

AI score 6.3 | EPSS 0.00027

added 2024/05/03 3:15 p.m., 59 views

CVE-2022-48671

In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at cpuset_attach() [1], for commit 4f7e7236435ca0ab ("cgroup: Fix threadgroup_rwsem cpus_read_loc...

CVSS 5.5 | AI score 6.5 | EPSS 0.00007

added 2024/05/03 3:15 p.m., 59 views

CVE-2022-48675

In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix a nested dead lock as part of ODP flow Fix a nested dead lock as part of ODP flow by using mmput_async(). From the below call trace [1] can see that calling mmput() once we have the umem_odp->umem_mutex locked as req...

CVSS 5.5 | AI score 6.4 | EPSS 0.00009

added 2024/05/21 4:15 p.m., 59 views

CVE-2022-48707

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driver ...

CVSS 5.5 | AI score 6.7 | EPSS 0.00107

added 2024/06/20 12:15 p.m., 59 views

CVE-2022-48756

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize the "dev" variable after the sanity check to avoid a possible NUL...

CVSS 5.5 | AI score 6.9 | EPSS 0.00015

added 2024/07/16 12:15 p.m., 59 views

CVE-2022-48774

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in pt_core_init() In order to free resources correctly in the error handling path of pt_core_init(), 2 goto's have to be switched. Otherwise, some resources will leak and we will try to r...

AI score 6.5 | EPSS 0.00065

Total number of security vulnerabilities: 10926