Lucene search
K
LinuxLinux Kernel4.14.0

9 matches found

CVE
CVE
added 2024/02/24 2:56 p.m.767 views

CVE-2024-26602

CVE-2024-26602 affects the Linux kernel’s membarrier path. The fix targets the sys_membarrier interface by introducing a lock on the path to serialize accesses and prevent extremely high call frequency, which could otherwise cause global slowdowns. Affected component: sched/membarrier. Root cause...

5.5CVSS6.6AI score0.00316EPSS
CVE
CVE
added 2024/02/27 9:43 a.m.684 views

CVE-2021-46929

CVE-2021-46929 describes a Linux kernel SCTP use-after-free related issue in endpoint destruction, resolved by delaying endpoint free with call_rcu() and moving sock_put/ep free into sctp_endpoint_destroy_rcu(). The patch ensures the endpoint (ep) remains alive under rcu_read_lock during certain ...

5.5CVSS6.2AI score0.00248EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.581 views

CVE-2021-46935

CVE-2021-46935 : Linux kernel binder vulnerability where async_free_space accounting for empty parcels leaked up to 8 bytes per 8-byte-or-smaller async transaction. Root cause: after a patch fixing visibility (Android binder buffer moved out of user space), the free operation didn’t add back size...

5.5CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2023/01/05 12:0 a.m.498 views

CVE-2022-4378

CVE-2022-4378 is a Linux kernel stack overflow flaw in the SYSCTL subsystem triggered by how a user changes certain kernel parameters, allowing a local user to crash the system or potentially escalate privileges. Public advisories (ALSA and CloudLinux entries) confirm the issue affects stack over...

7.8CVSS7.6AI score0.00428EPSS
CVE
CVE
added 2018/01/31 10:0 p.m.152 views

CVE-2017-16912

The CVE-2017-16912 issue affects the Linux kernel’s USB/IP stack (get_pipe() in drivers/usb/usbip/stub_rx.c) and is exploitable via crafted USB over IP packets to trigger an out-of-bounds read, causing DoS. Affected versions are pre-4.14.8, pre-4.9.71, and pre-4.4.114; fixes were released in Chan...

7.1CVSS5.8AI score0.04166EPSS
CVE
CVE
added 2018/01/31 10:0 p.m.152 views

CVE-2017-16914

The vulnerability CVE-2017-16914 affects the Linux kernel’s USB/IP path: the stub_send_ret_submit() function in drivers/usb/usbip/stub_tx.c is vulnerable in kernel versions before 4.14.8, 4.9.71, 4.1.49, and 4.4.107. A specially crafted USB over IP packet can trigger a NULL pointer dereference, l...

7.1CVSS6.2AI score0.04456EPSS
CVE
CVE
added 2018/01/31 10:0 p.m.149 views

CVE-2017-16913

The CVE-2017-16913 issue affects the Linux kernel USB/IP stack. Specifically, stub_recv_cmd_submit() in drivers/usb/usbip/stub_rx.c fails to validate CMD_SUBMIT packets, enabling a remote attacker to trigger a denial of service via arbitrary memory allocation. Affected kernel versions: before 4.1...

7.1CVSS5.8AI score0.0397EPSS
CVE
CVE
added 2018/01/31 10:0 p.m.141 views

CVE-2017-16911

The CVE-2017-16911 issue affects the vhci_hcd driver in the Linux kernel prior to 4.14.8 and 4.4.114, allowing local attackers to disclose kernel memory addresses when a USB device is attached over IP. Exploitation details are contingent on the USB-over-IP setup; the vulnerability is limited to l...

4.7CVSS5.8AI score0.00399EPSS
CVE
CVE
added 2024/03/25 9:7 a.m.107 views

CVE-2021-47142

CVE-2021-47142 concerns the Linux kernel’s DRM/AMDGPU stack. The vulnerability stems from a use-after-free in the AMDGPU TTM memory backend when cleaning up objects, specifically due to not clearing ttm->sg (the sg table) which can lead to a general protection fault during teardown. The connec...

5.5CVSS6.3AI score0.00234EPSS