Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

11 matches found

CVE•added 2022/01/26 2:15 p.m.•1111 views

CVE-2021-22600

A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755

7.2CVSS6.8AI score0.00033EPSS

CVE•added 2022/01/18 5:15 p.m.•431 views

CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges ...

7CVSS6.9AI score0.00016EPSS

CVE•added 2022/01/14 8:15 a.m.•377 views

CVE-2022-23222

kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.

7.8CVSS7.3AI score0.00562EPSS

CVE•added 2022/01/06 6:15 p.m.•202 views

CVE-2021-28715

Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the g...

6.5CVSS6.6AI score0.00019EPSS

CVE•added 2022/01/31 4:15 p.m.•182 views

CVE-2022-0286

A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.

5.5CVSS6.4AI score0.00065EPSS

CVE•added 2022/01/06 6:15 p.m.•178 views

CVE-2021-28714

6.5CVSS6.6AI score0.00019EPSS

CVE•added 2022/01/25 4:15 p.m.•128 views

CVE-2021-34866

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ...

8.8CVSS7.6AI score0.00133EPSS

CVE•added 2022/01/21 7:15 p.m.•128 views

CVE-2021-4001

A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects k...

4.7CVSS5AI score0.00016EPSS

CVE•added 2022/01/29 10:15 p.m.•120 views

CVE-2022-24122

kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.

7.8CVSS7.4AI score0.00186EPSS

CVE•added 2022/01/11 10:15 p.m.•88 views

CVE-2021-46283

nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expr...

5.5CVSS5.4AI score0.0004EPSS

CVE•added 2022/01/21 7:15 p.m.•81 views

CVE-2021-4032

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with s...

4.9CVSS4.3AI score0.00047EPSS