74 matches found
CVE-2023-3079
Summary (CVE-2023-3079) : A type confusion in V8 in Google Chrome prior to 114.0.5735.110 can allow remote code execution via a crafted HTML page, with heap corruption as the underlying issue. The vulnerability affects Chrome’s Chromium-based rendering stack (V8 engine) and is rated High severity...
CVE-1999-0524
CVE-1999-0524 is an ICMP information-disclosure vulnerability where ICMP replies reveal (1) netmask and (2) timestamp to arbitrary hosts. Connected reports link it to multiple products (e.g., Nutanix AHV advisories NXSA‑AHV series and ABB M2M Gateway plugin) and describe the issue as an informati...
CVE-2023-4155
CVE-2023-4155 describes a vulnerability in the Linux kernel’s KVM AMD SEV implementation. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race that causes the VMGEXIT handler to be invoked recursively. If the handler is called multiple times, this can lead to a ...
CVE-2008-4609
CVE-2008-4609 is a TCP state-exhaustion DoS vulnerability demonstrated by sockstress. It was described as affecting the TCP implementation in Linux, BSD-based platforms, Windows, Cisco products, and probably others. The issue enables a remote attacker to exhaust connection state, potentially rend...
CVE-2018-10902
CVE-2018-10902 is a Linux kernel local privilege-escalation flaw in the raw MIDI driver. The issue arises from a race on concurrent access in the snd_rawmidi_ioctl() path (snd_rawmidi_input_params and snd_rawmidi_output_status), causing a double-free/double-realloc in the rawmidi.c handler. Explo...
CVE-2022-1462
CVE-2022-1462 is an out-of-bounds read in the Linux kernel TeleTYpe subsystem triggered by a race using ioctls (TIOCSPTLCK, TIOCGPTPEER, TIOCSTI, TCXONC). Local users can crash the system or read unauthorized memory. Public advisories link this CVE to Linux kernel versions across multiple distrib...
CVE-2023-3772
CVE-2023-3772 is a Linux kernel vulnerability in the IPsec XFRM subsystem that allows a local attacker with CAP_NET_ADMIN to dereference a NULL pointer in xfrm_update_ae_params(), potentially crashing the kernel and causing a denial of service. Connected documents confirm the root cause as a NULL...
CVE-2023-6176
The connected documents confirm CVE-2023-6176 is a Linux kernel issue in the cryptographic algorithm scatterwalk API. A null pointer dereference can be triggered when a local user constructs a malicious packet with specific socket configuration, potentially crashing the system or enabling privile...
CVE-2020-1749
CVE-2020-1749 describes a flaw in the Linux kernel’s IPsec networking implementation (notably VXLAN and GENEVE tunnels over IPv6). When an encrypted tunnel is established between two hosts, tunneled data may be misrouted over the encrypted link, causing data to be sent unencrypted and potentially...
CVE-2020-8834
Affected software: Linux kernel KVM for PowerPC (KVM with Book3S HV on Power8). Vulnerability arises from conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry and in kvmppc_save_tm()/kvmppc_restore_tm, leading to stack corruption. Consequence: a guest VM kernel-space code execut...
CVE-2021-20265
CVE-2021-20265 affects the Linux kernel: a memory-leak/DoS bug in unix_stream_recvmsg when a signal is pending can exhaust memory locally. Connected docs reference a fix in the upstream kernel (commit fa0dc04df259ba2df3ce1920e9690c7842f8fa4b4) and later kernel slab-leak fixes for af_unix, indicat...
CVE-2021-3759
CVE-2021-3759 is a memory overflow in the Linux kernel memcg IPC path, where repeated semget calls by a local user can exhaust memory and cause a denial of service. Public docs confirm impact is local and availability-focused. Debian LTS advisory DLA-3244-1 and Amazon ALAS2KERNEL advisories for k...
CVE-2023-6240
CVE-2023-6240 is documented as a Marvin vulnerability side-channel leakage in the Linux kernel RSA decryption operation. The connected Nessus entries confirm this CVE is listed among multiple advisories, referencing the same vulnerability block and associating it with Linux Kernel RSA decryption ...
CVE-2022-3566
CVE-2022-3566 affects the Linux kernel TCP handler (tcp_getsockopt/tcp_setsockopt) with a race condition. The connected documents show multiple vendor/OS advisories (ALAS2KERNEL-5.15-2024-053, ALAS2KERNEL-5.4-2024-084, ALAS2KERNEL-5.10-2024-066, ALAS-2024-2622, ALAS2KERNEL-5.15-2024-053, ALAS2KER...
CVE-2023-1073
CVE-2023-1073 is a memory corruption flaw in the Linux kernel HID subsystem triggered by inserting a malicious USB device. The impact is local: a nearby user can crash the system or potentially escalate privileges. Public documents confirm the issue is tracked across multiple advisories (e.g., AL...
CVE-2022-2663
CVE-2022-2663 is a Linux kernel issue in nf_conntrack_irc where message handling can be confused, causing incorrect matching and potentially allowing a firewall bypass when users operate with unencrypted IRC with nf_conntrack_irc enabled. The primary affected component is nf_conntrack_irc within ...
CVE-2023-6535
CVE-2023-6535 affects the Linux kernel NVMe driver. A crafted TCP packet sequence over NVMe over TCP may cause a NULL pointer dereference in the NVMe driver, leading to a kernel panic and denial of service. Connected documents confirm the same vulnerability text and its presence in multiple advis...
CVE-2023-6610
CVE-2023-6610 is an out-of-bounds read in Linux kernel’s smb2_dump_detail() (fs/smb/client/smb2ops.c). The vulnerability can allow a local attacker to crash the kernel or leak internal kernel information. Connected advisories (e.g., MiracleLinux/Tencent/Tenable Nessus entries) confirm the issue a...
CVE-2022-3435
CVE-2022-3435 affects the Linux kernel: an out-of-bounds read in fib_nh_match (net/ipv4/fib_semantics.c) could be exploited remotely by a remote, unauthenticated/partially privileged actor per the CVSS vector. The issue is rated CVSS v3.1 base 4.3 (Medium) with low impact to confidentiality and n...
CVE-2022-3567
CVE-2022-3567 is a Linux Kernel vulnerability affecting the IPv6 stack, specifically the inet6_stream_ops/inet6_dgram_ops in the IPv6 Handler. The issue is a race condition introduced in the kernel code (as described in the provided sources). A patch is recommended to fix the issue. The connected...
CVE-2023-1076
CVE-2023-1076 describes a Linux kernel flaw in tun/tap initialisation where the socket uid is hardcoded to 0 due to a type confusion. The result can cause tun/tap sockets to be treated as if they have root privileges when filtering/routing decisions are made, potentially bypassing network filters...
CVE-2022-42895
CVE-2022-42895: Infoleak in Linux kernel (net/bluetooth/l2cap_core.c: l2cap_parse_conf_req) can leak kernel pointers remotely. Affected: Linux kernel (including versions cited by Astra Linux bulletin; e.g., linux-5.10/5.15 per connected docs). Root cause: information disclosure in L2CAP config re...
CVE-2023-1075
CVE-2023-1075 is a Linux kernel TLS TLS: tls_is_tx_ready vulnerability. The issue arises from tls_is_tx_ready() performing a flawed check of list emptiness on a tls-related list, allowing a type-confused entry to be treated as a valid list_head and potentially leaking the last byte of a field tha...
CVE-2023-1074
CVE-2023-1074 is a memory-leak flaw in the Linux kernel SCTP implementation that can allow a local attacker to exhaust resources and cause a denial of service when a malicious networking service connects. The issue is described across multiple connected sources (e.g., Debian/AlmaLinux advisories ...
CVE-2022-36402
CVE-2022-36402 is described in connected advisories as an integer overflow in the vmwgfx driver (Linux kernel) within vmwgfx_execbuf.c, affecting GPUs exposed via /dev/dri/renderD128 (Dxxx). The vulnerability allows a local attacker with a user account to gain elevated privileges and can cause a ...
CVE-2020-16119
CVE-2020-16119 is a Linux kernel use-after-free vulnerability in DCCP where a socket reused as a listener after release (with an attached dccps_hc_tx_ccid) can be exploited locally. Affected: Linux kernel variants affected by upstream fixes; the issue allows local escalation to execute code or ca...
CVE-2018-14625
The CVE-2018-14625 entry describes a Linux kernel vulnerability in the vsock (AF_VSOCK) implementation. A race condition between connect() and close() can lead to a use-after-free that may enable a local attacker running inside a guest VM to read kernel memory (information leak) or potentially in...
CVE-2023-3773
The CVE-2023-3773 entry describes a flaw in the Linux kernel’s XFRM (IP framework) where parsing netlink attributes can trigger a 4-byte out-of-bounds read of XFRMA_MTIMER_THRESH. This could allow a malicious user with CAP_NET_ADMIN to leak sensitive heap data to userspace. The provided descripti...
CVE-2017-1000255
The connected Nessus entries confirm CVE-2017-1000255 affects PowerPC Linux kernels on Power8+ where a user can craft a signal frame and sigreturn to corrupt the kernel stack by using the r1 value from the signal frame. This can overwrite arbitrary kernel memory, causing an oops and potential pan...
CVE-2023-3640
CVE-2023-3640 – summary (Linux kernel x86 per-CPU entry area leak) A local memory leakage flaw was identified in the Linux kernel’s cpu_entry_area mapping for X86, enabling a local user to infer addresses of exception stacks and other kernel data. The vulnerability stems from partial randomness o...
CVE-2022-0286
Summary: CVE-2022-0286 affects the Linux kernel and is caused by a null pointer dereference in bond_ipsec_add_sa(), which can enable a local attacker to cause a denial of service. The NVD metrics indicate a Local, Low/Medium impact with a base CVSSv3.1 score of 5.5 (I/N/A high) and base CVSSv2 sc...
CVE-2019-14899
CVE-2019-14899 is a routing-path/kernel issue affecting macOS (and cited across Linux, FreeBSD, OpenBSD, iOS, Android). The root cause is a VPN-tunnel routing problem that allows a local/adjacent attacker to inject into active VPN connections, enabling data injection and potential VPN hijacking. ...
CVE-2022-3523
CVE-2022-3523 (Linux kernel) is addressed in MiracleLinux AXSA-2023-7038: the issue is a use-after-free in mm/memory.c during memory fault handling (memory manager race on private device pages). The Nessus/Miracle advisory lists this as one of multiple kernel CVEs affected on kernel 5.14.x builds...
CVE-2022-3619
CVE-2022-3619 is a memory-leak vulnerability in the Linux kernel Bluetooth subsystem (function l2cap_recv_acldata in net/bluetooth/l2cap_core.c). The Connected documents confirm the issue and its inclusion in kernel security advisories, and several sources list it among fixes in kernel updates. T...
CVE-2018-10876
A confirmed vulnerability in the Linux kernel ext4 filesystem: CVE-2018-10876 is a use-after-free in ext4_ext_remove_space() when mounting a crafted ext4 image, allowing a local attacker to crash the system and, per some sources, potentially execute arbitrary code. Public references in the connec...
CVE-2022-3646
CVE-2022-3646 is a Linux kernel vulnerability affecting the nilfs_attach_log_writer function in fs/nilfs2/segment.c (BPF component). The issue enables a memory leak and may be exploitable remotely. A patch is recommended to fix this issue (VDB-211961).
CVE-2018-10882
CVE-2018-10882 affects the Linux kernel ext4 implementation. A local user can trigger an out-of-bounds write in fs/jbd2/transaction.c by mounting/unmounting a crafted ext4 image, causing denial of service and potential system crash. Public details describe the vulnerability as part of ext4 file-s...
CVE-2016-0774
CVE-2016-0774 affects Linux kernel backports in Debian wheezy (before 3.2.73-2+deb7u3) and RHEL 7.1 (before 3.10.0-229.26.2). The flaw is in the pipe_read/pipe_write paths in fs/pipe.c where the side effects of failed __copy_to_user_inatomic/__copy_from_user_inatomic calls are not properly handle...
CVE-2023-7042
CVE-2023-7042 affects the Linux kernel in the ath10k wireless driver: a null pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() can lead to a denial of service. Connected advisories confirm the issue is mitigated by updating to patched kernels (examples: Debian security notices list...
CVE-2017-6264
CVE-2017-6264 is an elevation-of-privilege vulnerability in the NVIDIA GPU driver used on Android, specifically within the gm20b_clk_throt_set_cdev_state path. An out-of-bounds memory read can be used as a function pointer, potentially allowing a local attacker to execute arbitrary code in kernel...
CVE-2014-8171
CVE-2014-8171 affects the Linux kernel memcg (memory resource controller). The description shows that a local user can spawn new processes within a memory-constrained cgroup, and this handling of OOM could lead to a deadlock, yielding a local denial of service. The incident is tied to the memcg O...
CVE-2023-4010
CVE-2023-4010 reports a denial-of-service in the Linux kernel USB Host Controller Driver (framework) specifically in usb_giveback_urb. The description indicates a logic error in the goto-condition can cause the function to loop indefinitely when presented with a malformed descriptor, leading to D...
CVE-2022-3621
CVE-2022-3621 : A vulnerability in the Linux kernel component nilfs2 affects the function nilfs_bmap_lookup_at_level in fs/nilfs2/inode.c. The issue enables a NULL pointer dereference, with the document noting that the flaw can be exploited remotely. The vulnerability is caused by manipulation of...
CVE-2020-10742
CVE-2020-10742 : The Linux kernel vulnerability is an index buffer overflow during Direct IO writes that can cause the NFS client to crash and, in some cases, a kernel panic after a kmalloc memory allocation has a reach-out beyond the allocated buffer. The described impact includes data confident...
CVE-2022-3629
CVE-2022-3629 affects the Linux kernel’s vsock_connect in net/vmw_vsock/af_vsock.c, causing a memory leak. The issue is described as a local problem with low overall severity (CVSS 3.1: low, availability impact), and exploitation is not trivial but feasible locally. The primary remediation guidan...
CVE-2022-4382
CVE-2022-4382 describes a use-after-free in the gadgetfs Linux driver caused by a race among superblock operations. Triggering condition: yanking out a device that is currently running the gadgetfs side. The description in the provided documents states a use-after-free condition and potential imp...
CVE-2021-3864
CVE-2021-3864 is a local privilege-escalation flaw in the Linux kernel involving how the dumpable flag is handled for descendants of certain SUID binaries. If a SUID binary sets real UID equal to effective UID and real GID equal to effective GID, the descendant’s dumpable value can become 1, so a...
CVE-2016-3699
CVE-2016-3699 affects the Linux kernel as used in Red Hat Enterprise Linux 7.2 and Red Hat MRG 2 when booted with UEFI Secure Boot. The issue allows local attackers to bypass Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd. The connected documents corrob...
CVE-2023-6679
CVE-2023-6679 is a NULL pointer dereference in the Linux kernel DPLL netlink code (dpll_pin_parent_pin_set in drivers/dpll/dpll_netlink.c). The vulnerability allows local attackers to trigger a denial of service. Connected advisories (Red Hat, Oracle, MiracleLinux) indicate kernel updates/fixes a...
CVE-2016-3695
CVE-2016-3695 in the Linux kernel relates to the einj_error_inject function (drivers/acpi/apei/einj.c). The issue allows a local user to simulate hardware errors and cause a denial of service by failing to disable APEI error injection via EINJ when securelevel is set. The connected documents show...