Lucene search
K

312 matches found

CVE
CVE
added 2022/03/07 12:0 a.m.2762 views

CVE-2022-0847

CVE-2022-0847 (Dirty Pipe) is a Linux kernel local privilege-escalation flaw in the pipe buffer handling (flags field) where copy_page_to_iter_pipe and push_pipe fail to initialize flags, allowing an unprivileged local user to write to pages cached from read-only files. Public advisories confirm ...

7.8CVSS7.7AI score0.89063EPSS
In wild
CVE
CVE
added 2022/01/26 12:0 a.m.1189 views

CVE-2021-22600

CVE-2021-22600 is a local kernel vulnerability in the Linux packet migration path. A double-free in packet_set_ring() within net/packet/af_packet.c can be exploited by a local user via crafted syscalls, enabling either denial of service or privilege escalation. Connected sources confirm the under...

7.2CVSS6.8AI score0.05918EPSS
In wild
CVE
CVE
added 2022/03/23 7:46 p.m.901 views

CVE-2021-4197

CVE-2021-4197 is a Linux kernel vulnerability in the cgroup process migration permission checks. A local attacker could escalate privileges due to incorrect permission validation for cgroup-associated processes (affecting both cgroup v1 and v2). The issue is described across multiple sources as a...

7.8CVSS7.9AI score0.00541EPSS
CVE
CVE
added 2022/02/11 5:40 p.m.824 views

CVE-2022-0185

CVE-2022-0185 is a Linux kernel vulnerability in the legacy_parse_param path of the Filesystem Context API. It is a heap-based buffer overflow in parameter length verification that can be triggered by an unprivileged local user when opening a filesystem that falls back to legacy handling, enablin...

8.4CVSS8.1AI score0.25151EPSS
In wild
CVE
CVE
added 2022/03/03 12:0 a.m.679 views

CVE-2022-0492

CVE-2022-0492 is a Linux kernel local-privilege-escalation flaw in the cgroups v1 release_agent handling (function cgroup_release_agent_write in kernel/cgroup/cgroup-v1.c). The issue arises because releasing the release_agent does not enforce proper capabilities, enabling a local attacker to esca...

7.8CVSS8AI score0.05528EPSS
In wild
CVE
CVE
added 2022/02/16 6:35 p.m.659 views

CVE-2021-3773

CVE-2021-3773 is a netfilter information-disclosure vulnerability in the Linux kernel that could allow a network-connected attacker to infer the OpenVPN connection endpoint. The issue is described as an information leak through netfilter, enabling reconnaissance for further attacks. Exploitation ...

9.8CVSS8.9AI score0.05279EPSS
CVE
CVE
added 2022/02/22 1:41 a.m.644 views

CVE-2022-25636

CVE-2022-25636 affects the Linux kernel (5.4–5.6.10) via an out-of-bounds heap write in net/netfilter/nf_dup_netdev.c related to nf_tables_offload. This enables local privilege escalation. The connected documents confirm the affected range and the heap OOB write, but do not provide a detailed fix...

7.8CVSS7.4AI score0.02633EPSS
CVE
CVE
added 2022/10/17 12:0 a.m.620 views

CVE-2022-3564

CVE-2022-3564 is a high-severity Linux kernel vulnerability involving a use-after-free in the Bluetooth subsystem, specifically the function l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c . Connected advisories (CentOS, AlmaLinux, AlmaLinux-RT, Astra Linux, and others) confirm the same weak...

7.1CVSS6.9AI score0.0129EPSS
CVE
CVE
added 2022/03/25 12:0 a.m.571 views

CVE-2022-0435

CVE-2022-0435 is a Linux kernel TIPc stack overflow issue. The vulnerability occurs in TIPc domain record handling when a peer sends a domain with more than 64 members, enabling a remote attacker with access to the TIPc network to crash the system and potentially escalate privileges. Connected ad...

9CVSS9AI score0.67994EPSS
CVE
CVE
added 2022/02/04 10:29 p.m.569 views

CVE-2021-4154

CVE-2021-4154 is a Linux kernel use-after-free in cgroup v1 parsing (cgroup1_parse_param) that allows local privilege escalation via the fsconfig parameter, potentially enabling container breakout and system DoS. Affected component: kernel/cgroup/cgroup-v1.c in the Linux kernel. Root cause: use-a...

8.8CVSS8.1AI score0.01206EPSS
CVE
CVE
added 2022/03/18 12:0 a.m.568 views

CVE-2022-1011

CVE-2022-1011: A use-after-free vulnerability in the Linux kernel FUSE implementation when a user triggers write(), enabling local privilege escalation. Affected component is the FUSE filesystem in the kernel; impact is unauthorized access to data from FUSE mounts and potential escalation. Connec...

7.8CVSS7.7AI score0.01169EPSS
CVE
CVE
added 2022/06/02 8:51 p.m.543 views

CVE-2022-32250

CVE-2022-32250 : A local privilege-escalation vulnerability in the Linux kernel affects net/netfilter/nf_tables_api.c (up to 5.18.1). An incorrect NFT_STATEFUL_EXPR check leads to a use-after-free, allowing a local user with namespace creation capability to escalate to root. Affected: Linux kerne...

7.8CVSS7.5AI score0.02881EPSS
CVE
CVE
added 2022/03/25 6:3 p.m.534 views

CVE-2022-0995

CVE-2022-0995 is an out-of-bounds memory write in the Linux kernel’s watch_queue event notification subsystem that can overwrite kernel state and may allow a local user to gain privileged access or cause a denial of service. Connected sources indicate affected kernel lines include 5.x series with...

7.8CVSS6.6AI score0.06197EPSS
CVE
CVE
added 2022/01/18 4:51 p.m.529 views

CVE-2021-4083

CVE-2021-4083 is a read-after-free in Linux kernel Unix domain socket GC triggered by a race between close() and fget(). Affected kernels are prior to 5.16-rc4. Local users could crash the system or escalate privileges. Affected products include upstream kernel and Linux distributions (Astra Linu...

7CVSS6.9AI score0.0031EPSS
CVE
CVE
added 2022/02/16 6:35 p.m.527 views

CVE-2021-3752

Mode C: CVE-2021-3752 is a Linux kernel use-after-free vulnerability in the Bluetooth L2CAP path caused by a race between connect and disconnect. The flaw can allow a local attacker to crash the system or escalate privileges. Connected documents confirm this CVE is discussed in Debian advisories ...

7.9CVSS7.2AI score0.01736EPSS
CVE
CVE
added 2022/03/03 10:4 p.m.513 views

CVE-2021-3640

The CVE-2021-3640 entry is confirmed with concrete technical details in Connected documents: a use-after-free in the Linux kernel HCI sco_sock_sendmsg() is triggered by user actions around UFFDIO_REGISTER and related race with sco_conn_del(). The flaw allows a local privileged user to crash the s...

7CVSS7.1AI score0.0037EPSS
CVE
CVE
added 2022/08/24 3:10 p.m.512 views

CVE-2021-4155

CVE-2021-4155 is a data-leak in the XFS filesystem via the XFS_IOC_ALLOCSP IOCTL that increases the size of files with unaligned sizes. A local attacker could leak data not accessible otherwise. Affected: Linux kernel with XFS. Root cause: flaw in handling size increases for unaligned allocations...

5.5CVSS6.4AI score0.00286EPSS
CVE
CVE
added 2022/03/25 12:0 a.m.493 views

CVE-2022-0330

CVE-2022-0330 affects the Linux kernel i915 GPU driver. The root cause is a missing GPU TLB flush in the i915 driver, enabling a local attacker to cause a denial of service or privilege escalation by running code on the GPU. Public documents from connected sources confirm the flaw and its associa...

7.8CVSS7.7AI score0.00379EPSS
CVE
CVE
added 2022/04/22 12:0 a.m.492 views

CVE-2022-29582

CVE-2022-29582 refers to a use-after-free in the Linux kernel io_uring timeout handling. The vulnerability resides in fs/io_uring.c and stems from a race condition in io_uring timeouts that can be triggered by a local user who does not have access to any user namespace. The initial description no...

7CVSS6.5AI score0.00773EPSS
CVE
CVE
added 2022/03/25 6:2 p.m.478 views

CVE-2022-0322

The CVE-2022-0322 entry concerns a flaw in the Linux kernel SCTP implementation. Specifically, in net/sctp/sm_make_chunk.c, the function sctp_make_strreset_req can trigger a BUG_ON when an operation uses more buffer than allocated, enabling local privilege access to cause a denial of service. Con...

5.5CVSS6.2AI score0.00292EPSS
CVE
CVE
added 2022/08/26 3:25 p.m.461 views

CVE-2021-3669

CVE-2021-3669 is a Linux kernel vulnerability where measuring shared memory usage does not scale with large shared memory segment counts, enabling resource exhaustion and DoS. Connected sources confirm the issue affects multiple kernel versions and distributions, with remediations following vendo...

5.5CVSS6.3AI score0.00281EPSS
CVE
CVE
added 2022/01/14 12:0 a.m.460 views

CVE-2022-23222

CVE-2022-23222 affects the Linux kernel Bitcoin? No. It targets kernel/bpf/verifier.c where pointer arithmetic on *_OR_NULL types can lead to privilege escalation. Affected: Linux kernel through 5.15.14 (local attacker). Connected advisories reference fixes in kernel package updates (e.g., ALAS/M...

7.8CVSS7.3AI score0.0193EPSS
CVE
CVE
added 2022/05/31 12:0 a.m.454 views

CVE-2022-1462

CVE-2022-1462 is an out-of-bounds read in the Linux kernel TeleTYpe subsystem triggered by a race using ioctls (TIOCSPTLCK, TIOCGPTPEER, TIOCSTI, TCXONC). Local users can crash the system or read unauthorized memory. Public advisories link this CVE to Linux kernel versions across multiple distrib...

6.3CVSS6.5AI score0.00334EPSS
CVE
CVE
added 2022/04/29 3:34 p.m.449 views

CVE-2022-1048

The CVE CVE-2022-1048 is a use-after-free vulnerability in the Linux kernel sound subsystem (ALSA PCM) caused by a race between concurrent hw_params and hw_free ioctls. Attacker-controlled timing on local access can crash the system or potentially escalate privileges. Affected component: Linux ke...

7CVSS7.2AI score0.00236EPSS
CVE
CVE
added 2022/08/29 2:3 p.m.436 views

CVE-2022-1016

The CVE-2022-1016 entry is confirmed to affect the Linux kernel, specifically the nf_tables_core.c component (function nft_do_chain). The flaw is a use-after-free that can lead to a kernel information leak when a local, unprivileged attacker triggers the condition. Connected sources (Astra Linux ...

5.5CVSS6AI score0.00416EPSS
Web
CVE
CVE
added 2022/03/23 5:7 a.m.434 views

CVE-2022-27666

CVE-2022-27666 describes a heap buffer overflow in IPsec ESP transformation code (net/ipv4/esp4.c and net/ipv6/esp6.c) that can allow a local user to overwrite kernel heap objects and may lead to local privilege escalation. Connected advisories confirm kernel patches are available (e.g., AlmaLinu...

7.8CVSS8AI score0.05524EPSS
CVE
CVE
added 2022/10/09 12:0 a.m.425 views

CVE-2022-42703

CVE-2022-42703 affects the Linux kernel prior to 5.19.7 via a use-after-free in leaf anon_vma double reuse in mm/rmap.c. This enables local escalation of privilege (per CVSS: LOCAL, HIGH availability impact, LOW complexity, no user interaction). Upstream fixes were applied in kernel 5.19.7 (see C...

5.5CVSS6.3AI score0.00971EPSS
CVE
CVE
added 2022/05/12 12:0 a.m.418 views

CVE-2022-30594

The CVE-2022-30594 issue affects the Linux kernel prior to 5.17.2, where the PTRACE_SEIZE path could bypass the PT_SUSPEND_SECCOMP restrictions and allow a local attacker to bypass seccomp-related restrictions. Connected advisories (Astra Linux, AlmaLinux advisories) confirm the same vulnerabilit...

7.8CVSS7.7AI score0.00798EPSS
CVE
CVE
added 2022/08/24 12:0 a.m.412 views

CVE-2021-4037

Summary: CVE-2021-4037 affects the Linux kernel’s inode_init_owner() logic for XFS SGID directories, enabling local users to create files with unintended group ownership and SGID/group-exec bits when the directory is SGID and writable to non-group members. The issue is linked to a missed fix rela...

7.8CVSS7.7AI score0.00277EPSS
CVE
CVE
added 2022/07/27 3:27 a.m.409 views

CVE-2022-36879

CVE-2022-36879 affects the Linux kernel: a flaw in xfrm_policy handling (xfrm_expand_policies) can cause a refcount to be dropped twice in net/xfrm/xfrm_policy.c. This is a local vulnerability with an availability impact (as per CVSS: 5.5, MEDIUM). The issue exists through kernel versions up to 5...

5.5CVSS6.2AI score0.00309EPSS
CVE
CVE
added 2022/11/23 2:11 p.m.409 views

CVE-2022-42896

CVE-2022-42896 affects the Linux kernel, specifically use-after-free in net/bluetooth/l2cap_core.c (l2cap_connect and l2cap_le_connect_req). A remote Bluetooth proximity attacker could trigger code execution or leak kernel memory. A fix is available by upgrading past the commit 711f8c3fb3db618970...

8.8CVSS8.7AI score0.02014EPSS
CVE
CVE
added 2022/09/01 12:0 a.m.402 views

CVE-2022-1729

CVE-2022-1729 describes a race condition in the Linux kernel perf_event_open() within the perf subsystem. An unprivileged local user could exploit this to gain root privileges, with potential follow-on impacts such as information leaks or arbitrary code execution as implied by multiple sources. C...

7CVSS7.3AI score0.0031EPSS
CVE
CVE
added 2022/09/09 2:39 p.m.401 views

CVE-2022-38457

CVE-2022-38457 affects the vmwgfx driver (Linux kernel) in the function vmw_cmd_res_check within drivers/gpu/vmxgfx/vmxgfx_execbuf.c, exposed via /dev/dri/renderD128. The issue is a use-after-free, leading to local privilege escalation and DoS. Connected advisories ( MiracleLinux AXSA) reference ...

6.3CVSS6.2AI score0.00457EPSS
CVE
CVE
added 2022/09/09 2:39 p.m.401 views

CVE-2022-40133

CVE-2022-40133 : A use-after-free in the Linux kernel vmwgfx driver (function vmw_execbuf_tie_context in drivers/gpu/vmxgfx/vmxgfx_execbuf.c) can be triggered by local unprivileged/user-space activity via the render node (/dev/dri/renderD128). Exploitation may allow a local attacker to gain eleva...

6.3CVSS6.2AI score0.00504EPSS
CVE
CVE
added 2022/11/14 12:0 a.m.399 views

CVE-2022-3903

CVE-2022-3903 describes an incorrect read request flaw in the Linux kernel’s Infrared Transceiver USB driver. When a user attaches a malicious USB device, a local user can cause resource starvation, leading to denial of service or potentially a system crash. Connected advisories (Unity Linux UTSA...

4.6CVSS5.5AI score0.0046EPSS
CVE
CVE
added 2022/05/17 4:50 p.m.394 views

CVE-2022-29581

CVE-2022-29581 : Affected component is the Linux kernel net/sched. The root cause is an Improper Update of Reference Count, enabling a local attacker to escalate privileges to root. The connected Astra Linux bulletin confirms the issue and states it affects Linux kernel versions prior to 5.18, an...

7.8CVSS7.8AI score0.01039EPSS
CVE
CVE
added 2022/08/31 12:0 a.m.389 views

CVE-2022-3028

CVE-2022-3028 describes a race condition in the Linux kernel’s IP framework (XFRM) where concurrent calls to xfrm_probe_algs can cause an out-of-bounds read that may be copied into a socket, or an out-of-bounds write, enabling a local attacker to leak kernel memory or crash the kernel. Connected ...

7CVSS6.9AI score0.002EPSS
CVE
CVE
added 2022/02/18 5:50 p.m.388 views

CVE-2021-20322

CVE-2021-20322 relates to a Linux kernel ICMP handling flaw (ICMP fragment needed/redirect) that lets an off-path attacker quickly discover UDP port usage, bypassing UDP source port randomization. The connected advisories confirm this affects the Linux kernel and multiple distributions and mentio...

7.4CVSS7.2AI score0.06846EPSS
CVE
CVE
added 2022/04/03 8:7 p.m.388 views

CVE-2022-28388

CVE-2022-28388 affects the Linux kernel driver usb_8dev_start_xmit (drivers/net/can/usb/usb_8dev.c). The vulnerability is a double free in the function usb_8dev_start_xmit, present up to kernel versions including 5.17.1. Documents reference a commit addressing the issue and mention downstream adv...

5.5CVSS6.3AI score0.00395EPSS
CVE
CVE
added 2022/03/04 6:41 p.m.386 views

CVE-2021-3656

CVE-2021-3656 describes a flaw in the KVM hypervisor for AMD processors where the L1 guest can provide a VMCB with an improperly validated virt_ext field, allowing the L1 to disable VMLOAD/VMSAVE intercepts and VLS for the L2 guest. This enables the L2 guest to read/write portions of the host’s p...

8.8CVSS8.6AI score0.00658EPSS
CVE
CVE
added 2022/03/25 12:0 a.m.386 views

CVE-2021-4203

CVE-2021-4203 is a Linux kernel use-after-free read flaw in sock_getsockopt() triggered by a race between SO_PEERCRED/SO_PEERGROUPS and listen()/connect(). An authenticated local attacker could crash the system or leak kernel information. The connected IBM advisories document affected products (I...

6.8CVSS6.8AI score0.01747EPSS
CVE
CVE
added 2022/09/21 12:0 a.m.382 views

CVE-2022-41218

CVE-2022-41218 is a Linux kernel use-after-free in the DVB core (drivers/media/dvb-core/dmxdev.c) caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. The issue is local, with potential denial of service or privilege escalation as implied by downstream advisories. Public rec...

5.5CVSS6.3AI score0.00778EPSS
CVE
CVE
added 2022/03/02 12:0 a.m.379 views

CVE-2021-3772

CVE-2021-3772 affects the Linux kernel SCTP stack: a blind attacker who knows IPs/ports and can spoof packets can kill an existing SCTP association by sending invalid chunks. The connected advisories confirm the issue and point to a patch in the Linux kernel (commit 32f8807a48ae55be0e76880cfe8607...

6.5CVSS6.8AI score0.0124EPSS
CVE
CVE
added 2022/07/18 2:45 p.m.378 views

CVE-2021-33655

CVE-2021-33655 is confirmed in the provided documents as an out-of-bounds memory write triggered by malicious data sent via the framebuffer ioctl FBIOPUT_VSCREENINFO in the Linux kernel framebuffer/console path. The issue allows a local user to crash the system and potentially escalate privileges...

6.7CVSS7AI score0.00305EPSS
CVE
CVE
added 2022/03/23 7:46 p.m.378 views

CVE-2022-0854

CVE-2022-0854 is a memory leak flaw in the Linux kernel DMA subsystem (DMA_FROM_DEVICE) that could allow a local authenticated attacker to read random kernel memory, exposing data. The IBM Security Bulletin for IBM Storage Scale System lists CVE-2022-0854 among Linux kernel DMA swiotlb-related is...

5.5CVSS5.7AI score0.00462EPSS
CVE
CVE
added 2022/08/29 12:0 a.m.377 views

CVE-2022-1184

CVE-2022-1184 affects the Linux kernel ext4 file-system code (fs/ext4/namei.c:dx_insert_block). The flaw is a use-after-free that can be triggered by a local user to cause a denial of service. Astra Linux bulletin also documents this exact issue. The connected documents do not specify a fixed ver...

5.5CVSS6.2AI score0.0028EPSS
CVE
CVE
added 2022/03/08 2:6 p.m.375 views

CVE-2022-0516

CVE-2022-0516 affects the KVM for s390 in the Linux kernel, specifically the arch/s390/kvm/kvm-s390.c function kvm_s390_guest_sida_op. The vulnerability allows a local user with normal privileges to obtain unauthorized memory write access due to an insufficient check in the KVM s390x release_agen...

7.8CVSS7.3AI score0.00335EPSS
CVE
CVE
added 2022/08/31 3:33 p.m.374 views

CVE-2022-1508

The CVE-2022-1508 entry describes an out-of-bounds read in the Linux kernel io_uring module triggered by certain parameters to io_read(), enabling a local user with low privileges and no user interaction to read memory out of bounds. The provided data notes a MEDIUM base score (6.1, CVSS 3.1) wit...

6.1CVSS6.2AI score0.00235EPSS
CVE
CVE
added 2022/08/23 12:0 a.m.372 views

CVE-2021-3759

CVE-2021-3759 is a memory overflow in the Linux kernel memcg IPC path, where repeated semget calls by a local user can exhaust memory and cause a denial of service. Public docs confirm impact is local and availability-focused. Debian LTS advisory DLA-3244-1 and Amazon ALAS2KERNEL advisories for k...

5.5CVSS6.3AI score0.00345EPSS
CVE
CVE
added 2022/04/29 3:46 p.m.372 views

CVE-2022-1353

CVE-2022-1353 — pfkey_register (net/key/af_key.c, Linux kernel) : A local, unprivileged user can gain access to kernel memory due to a flaw in pfkey_register. The vulnerability can lead to a system crash or leakage of internal kernel information. The Connected documents reference Linux kernel adv...

7.1CVSS7.1AI score0.00388EPSS
Total number of security vulnerabilities312