Lucene search
K
LinuxLinux Kernel4.9.0

10 matches found

CVE
CVE
added 2021/05/11 12:0 a.m.617 views

CVE-2020-24588

The CVE-2020-24588 entry relates to the 802.11 Wi‑Fi fragmentation/ A‑MSDU handling issue where the plaintext QoS header flag isn’t authenticated, enabling an attacker to inject packets by sending non‑SSP A‑MSDU frames (FragAttacks). Connected Astra Linux advisories describe this as a variant of ...

3.5CVSS6.4AI score0.03537EPSS
CVE
CVE
added 2023/01/05 12:0 a.m.498 views

CVE-2022-4378

CVE-2022-4378 is a Linux kernel stack overflow flaw in the SYSCTL subsystem triggered by how a user changes certain kernel parameters, allowing a local user to crash the system or potentially escalate privileges. Public advisories (ALSA and CloudLinux entries) confirm the issue affects stack over...

7.8CVSS7.6AI score0.00428EPSS
CVE
CVE
added 2020/05/04 11:42 a.m.307 views

CVE-2020-12114

CVE-2020-12114 describes a local, pivot_root race condition in the Linux kernel’s fs/namespace.c that can allow a local user to trigger a denial of service (panic) by corrupting a mountpoint reference counter. The initial description lists affected kernel branches and versions where the issue exi...

4.7CVSS5.5AI score0.00423EPSS
CVE
CVE
added 2020/09/10 1:20 a.m.237 views

CVE-2020-25220

CVE-2020-25220 is a Linux kernel local-use-after-free vulnerability in the cgroup subsystem caused by not accounting for skcd->no_refcnt during a backport of CVE-2020-14356. Affects 4.9.x (before 4.9.233), 4.14.x (before 4.14.194), and 4.19.x (before 4.19.140). The issue originates from backpo...

7.8CVSS7.3AI score0.00449EPSS
CVE
CVE
added 2018/01/31 10:0 p.m.152 views

CVE-2017-16912

The CVE-2017-16912 issue affects the Linux kernel’s USB/IP stack (get_pipe() in drivers/usb/usbip/stub_rx.c) and is exploitable via crafted USB over IP packets to trigger an out-of-bounds read, causing DoS. Affected versions are pre-4.14.8, pre-4.9.71, and pre-4.4.114; fixes were released in Chan...

7.1CVSS5.8AI score0.04166EPSS
CVE
CVE
added 2018/01/31 10:0 p.m.152 views

CVE-2017-16914

The vulnerability CVE-2017-16914 affects the Linux kernel’s USB/IP path: the stub_send_ret_submit() function in drivers/usb/usbip/stub_tx.c is vulnerable in kernel versions before 4.14.8, 4.9.71, 4.1.49, and 4.4.107. A specially crafted USB over IP packet can trigger a NULL pointer dereference, l...

7.1CVSS6.2AI score0.04456EPSS
CVE
CVE
added 2018/01/31 10:0 p.m.149 views

CVE-2017-16913

The CVE-2017-16913 issue affects the Linux kernel USB/IP stack. Specifically, stub_recv_cmd_submit() in drivers/usb/usbip/stub_rx.c fails to validate CMD_SUBMIT packets, enabling a remote attacker to trigger a denial of service via arbitrary memory allocation. Affected kernel versions: before 4.1...

7.1CVSS5.8AI score0.0397EPSS
CVE
CVE
added 2018/01/31 10:0 p.m.141 views

CVE-2017-16911

The CVE-2017-16911 issue affects the vhci_hcd driver in the Linux kernel prior to 4.14.8 and 4.4.114, allowing local attackers to disclose kernel memory addresses when a USB device is attached over IP. Exploitation details are contingent on the USB-over-IP setup; the vulnerability is limited to l...

4.7CVSS5.8AI score0.00399EPSS
CVE
CVE
added 2017/12/23 5:0 p.m.121 views

CVE-2017-17863

CVE-2017-17863 affects the Linux kernel 4.9.x up to 4.9.71, where the BPF verifier in kernel/bpf/verifier.c fails to check the relationship between pointer values and the BPF stack. This can allow local users to trigger a denial of service (integer overflow or invalid memory access) or potentiall...

7.8CVSS7.5AI score0.00409EPSS
CVE
CVE
added 2024/03/25 9:7 a.m.107 views

CVE-2021-47142

CVE-2021-47142 concerns the Linux kernel’s DRM/AMDGPU stack. The vulnerability stems from a use-after-free in the AMDGPU TTM memory backend when cleaning up objects, specifically due to not clearing ttm->sg (the sg table) which can lead to a general protection fault during teardown. The connec...

5.5CVSS6.3AI score0.00234EPSS