74 matches found
CVE-2022-3534
CVE-2022-3534 affects the libbpf component (function btf_dump_name_dups in tools/lib/bpf/btf_dump.c) with a use-after-free in Linux kernel/libbpf. Debian and other sources report a patch and version bumps: Debian DLA fixes libbpf to 0.3-2+deb11u1 (and related packages), and ALT Linux notes a fix ...
CVE-2023-6238
CVE-2023-6238 affects the Linux kernel NVMe driver. A buffer overflow allows a privileged user to provide a small meta buffer and trigger a larger DMA into that same buffer, overwriting unrelated kernel memory and causing random kernel crashes/memory corruption. The vulnerability is locally explo...
CVE-2022-0400
The CVE-2022-0400 entry concerns an out-of-bounds read in the Linux kernel’s SMC protocol stack that can enable remote denial of service. Connected sources (NVD, OSV, Debian-related OSV entries) confirm the affected component and impact but do not provide a patched version or explicit remediation...
CVE-2023-3397
CVE-2023-3397 is a race between lmLogClose and txEnd in the Linux kernel’s JFS, allowing a local attacker to crash the system or leak kernel info. Connected entries show Root:Debian-13, -11, -12 patches for rootio-linux with multiple fixed versions; patches indicate remediation has been applied i...
CVE-2018-10840
CVE-2018-10840 describes a heap-based buffer overflow in the Linux kernel’s ext4 xattr handling: fs/ext4/xattr.c:ext4_xattr_set_entry(). An attacker could exploit this by operating on a mounted crafted ext4 image, potentially leading to kernel memory corruption. Connected feeds confirm multiple v...
CVE-2021-3714
CVE-2021-3714 (Linux kernel) affects the kernel’s memory deduplication mechanism. The connected sources describe a local-exploitation style attack where an adversary can upload page-sized files and observe access-time changes from a networked service to infer whether pages have been merged. This ...
CVE-2023-52904
CVE-2023-52904 refers to a Linux kernel ALSA usb-audio vulnerability where snd_usb_pcm_has_fixed_rate() can dereference a NULL subs function argument. The root cause is using the subs argument before a NULL check, leading to an eventual NULL pointer dereference. Exploitation context is local (per...
CVE-2022-2308
CVE-2022-2308 describes a vulnerability in the Linux kernel’s vDPA with the VDUSE backend. The VDUSE kernel driver does not validate that the device config space size matches the features advertised by the VDUSE userspace app, causing Virtio config read helpers to pass uninitialized memory to vdu...
CVE-2006-2932
CVE-2006-2932 is a regression in the restore_all code path of the 4/4GB split support for non-hugemem kernels in Red Hat Enterprise Linux 4 (Desktop/Enterprise) that allows a local user to cause a denial of service (panic) via unspecified vectors. The issue is documented in Red Hat advisories RHS...
CVE-2022-3633
CVE-2022-3633 affects the Linux kernel, specifically the function j1939_session_destroy in net/can/j1939/transport.c. The issue is a memory leak caused by the manipulation of this routine. Multiple connected sources (e.g., Chainguard security.json entry, Astra Linux bulletin, CNVD/CNNVD entries, ...
CVE-2022-1247
CVE-2022-1247 affects the Linux kernel, specifically the rose driver. The issue is a race condition in rose_connect() where the driver tracks usage with rose_neigh->use. When deleting a rose_route via rose_ioctl(), the driver calls rose_del_node() and only removes neighbours if both their coun...
CVE-2018-6559
CVE-2018-6559 affects the Linux kernel overlayfs in Ubuntu 18.04/18.10. The vulnerability arises when mapping directory contents permissions inside nested user namespaces; a local attacker could exploit this to reveal names of files they would not normally access, bypassing some access controls. ...
CVE-2023-39180
CVE-2023-39180 affects the Linux kernel ksmbd module. The root cause is improper memory release after the memory’s lifetime in SMB2_READ handling, enabling a network-based DoS without authentication on systems with ksmbd enabled. Public details confirm impact as denial-of-service; no vendor patch...
CVE-2023-2898
CVE-2023-2898 is a Linux kernel vulnerability: a null-pointer dereference in f2fs_write_end_io (fs/f2fs/data.c) can be triggered by a local, privileged user to cause a denial of service. Public documentation confirms this flaw and ties it to the f2fs filesystem on the Linux kernel, with advisorie...
CVE-2022-2327
CVE-2022-2327 affects the Linux kernel io_uring path: use of work_flags to determine identity for IORING_OP may cause missing types, leading to incorrect reference counts and a double free. The primary public advisory notes the root cause is in the kernel io_uring identity handling and recommends...
CVE-2008-2544
CVE-2008-2544 describes a local bypass where mounting the /proc filesystem inside a chroot can occur in read-write mode, allowing a user to bypass the chroot and gain write access to files they would not normally access. The connected documents reiterate the same description but do not provide pr...
CVE-2023-39179
CVE-2023-39179 affects the Linux kernel ksmbd module and is triggered by SMB2 read requests. The vulnerability arises from insufficient validation of user-supplied data, allowing a read past the end of an allocated buffer. Impact is potential disclosure of sensitive information on affected system...
CVE-2021-4218
CVE-2021-4218 concerns a flaw in the Linux kernel related to reading the SVC RDMA counters. The vulnerability occurs when a local attacker with access triggers reading the counter via a sysctl, which panics the system and can cause a denial of service during reboot. The issue is described as spec...
CVE-2007-2764
The CVE-2007-2764 entry concerns the embedded Linux kernel in certain Sun-Brocade SilkWorm switches prior to 20070516. The issue arises when a non-root user creates a kernel process, which can lead to a denial of service (kernel oops) and device reboot via unspecified vectors. The NVD entry assig...
CVE-2017-1000377
CVE-2017-1000377 concerns a vulnerability in PAX Linux where the default stack guard page is too small and can be bypassed, allowing a bypass of stack protections. The core details indicate this affects PAX Linux kernel versions as of 19 June 2017, originally from GRSecurity and shipped by other ...
CVE-2022-3636
CVE-2022-3636 is a Linux kernel vulnerability affecting the function __mtk_ppe_check_skb in drivers/net/ethernet/mediatek/mtk_ppe.c (Ethernet Handler). The issue is a use-after-free in the MTK PPE path, leading to potential corruption or crash. A patch is recommended to fix the issue. The vulnera...
CVE-2023-39176
CVE-2023-39176 concerns the ksmbd kernel module in Linux, where parsing of SMB2 transform-header requests allows reading past the end of an allocated buffer. This results in information disclosure on affected systems with ksmbd enabled. Public sources in the connected documents consistently descr...
CVE-2022-3630
The CVE-2022-3630 entry concerns the Linux kernel, specifically the fs/fscache/cookie.c component used by IPsec. The vulnerability is described as a memory leak resulting from a manipulation in that code path. A patch is recommended to fix the issue, and the vulnerability is associated with VDB-2...
CVE-2022-3624
CVE-2022-3624 affects the Linux kernel, specifically the function rlb_arp_xmit in drivers/net/bonding/bond_alb.c of the IPsec component. The issue is described as a memory leak due to a manipulation in rlb_arp_xmit. A patch is recommended to fix this vulnerability. The provided connected sources ...