70 matches found
CVE-2019-2215
CVE-2019-2215 is a use-after-free in the Android binder driver (binder.c) that enables local privilege escalation from an app to the Linux kernel. The issue is local, with no user interaction required, and exploitation may lead to memory corruption, denial of service, or escalation per the cited ...
CVE-2020-12888
CVE-2020-12888 affects the Linux kernel VFIO PCI driver (through 5.6.13) and arises from improper handling of accesses to disabled MMIO space. A local attacker or a guest VM with VFIO access could trigger a denial of service or crash by exploiting writes/reads to disabled memory regions. Connecte...
CVE-2021-41864
CVE-2021-41864 affects the Linux kernel (pre-5.14.12) in prealloc_elems_and_freelist() within kernel/bpf/stackmap.c. An unprivileged local user can trigger an eBPF multiplication overflow, causing an out-of-bounds write and potential memory corruption or system crash. The issue is fixed in Linux ...
CVE-2021-22543
CVE-2021-22543 is described in connected advisories as a local privilege-escalation through KVM and improper handling of VM_IO|VM_PFNMAP VMAs, which can bypass RO checks and allow reading/writing guest memory by a privileged VM operator. Technical details across sources indicate the vulnerability...
CVE-2021-32399
CVE-2021-32399 affects the Linux kernel’s Bluetooth HCI handling, specifically a race condition in removal of the HCI controller implemented in net/bluetooth/hci_request.c up to version 5.12.2. The connected Astra Linux entry references the same race condition in the Linux kernel, and a dated Lin...
CVE-2021-27365
CVE-2021-27365 affects the Linux kernel iSCSI subsystem. The issue is a heap overflow in iSCSI data handling where certain iSCSI data structures lack proper length checks and can exceed PAGE_SIZE; an unprivileged, local user can send a Netlink message (up to the maximum Netlink message length) an...
CVE-2021-27364
CVE-2021-27364 is a Linux kernel issue affecting the iSCSI libiscsi/iscsi subsystem (out-of-bounds read in the libiscsi module leading to possible kernel memory disclosure or crash). Connected advisories confirm related CVEs (27363, 27365) in the same area affecting sessions/handles and heap over...
CVE-2021-22947
CVE-2021-22947 affects curl when connecting to IMAP/POP3 servers using STARTTLS: multiple responses are cached before TLS, and after upgrading to TLS curl may trust pre‑TLS data, enabling a MITM injection of data. Affected releases range from curl 7.20.0 up to 7.78.0; exploitation details are not...
CVE-2019-5481
CVE-2019-5481 is a double-free vulnerability in curl’s FTP-Kerberos code, affecting curl 7.52.0 through 7.65.3. Exploitation involves a malicious FTP server sending a very large data block, which can cause memory corruption leading to a crash or denial of service (DoS). Multiple connected advisor...
CVE-2021-27363
CVE-2021-27363 affects the Linux kernel iSCSI subsystem. A flaw leaks the iSCSI transport’s kernel address via the sysfs handle (/sys/class/iscsi_transport/$TRANSPORT_NAME/handle), enabling a local attacker to leak the iscsi_transport pointer and potentially end arbitrary iSCSI connections. Conne...
CVE-2020-14356
CVE-2020-14356 affects the Linux kernel cgroupv2 subsystem in versions before 5.7.10. The flaw is a use-after-free / NULL pointer dereference in the handling of socket references to cgroups, which, under certain configurations (including reboot scenarios), could allow a local user to crash the sy...
CVE-2019-14815
CVE-2019-14815 is a Linux kernel issue in the Marvell Mwifiex WiFi driver, described in the connected F5 advisory as a heap overflow in mwifiex_set_wmm_params(). The initial document also notes a heap overflow in this driver. The provided sources do not include explicit exploit details, affected ...
CVE-2021-33574
CVE-2021-33574 affects the GNU C Library (glibc) mq_notify function in versions 2.32 and 2.33, where a notification thread attributes object passed via struct sigevent may be freed by the caller and then used, causing denial of service (crash) or other impact. Connected advisories confirm this is...
CVE-2020-29661
The entry CVE-2020-29661 describes a local, kernel-space vulnerability in the Linux tty subsystem (drivers/tty/tty_jobctrl.c) that can enable a use-after-free through TIOCSPGRP. A locking issue in this path allows memory corruption and potential privilege escalation or system impact when an attac...
CVE-2021-22924
CVE-2021-22924 — libcurl connection reuse flaw : The issue arises when libcurl reuses connections from its pool without correctly accounting for the issuer certificate and with path comparisons that are case-insensitive. This can cause a transfer to use the wrong, previously opened connection. Pu...
CVE-2019-19063
Concretely affected software: Linux kernel realtek rtlwifi USB driver (rtl_usb_probe in drivers/net/wireless/realtek/rtlwifi/usb.c). Root cause: two memory leaks in rtl_usb_probe() leading to memory exhaustion. Impact: potential denial of service due to unbounded memory consumption (through 5.3.1...
CVE-2021-3612
CVE-2021-3612 is an out-of-bounds memory write flaw in the Linux kernel joystick subsystem exploitable by a local user via the JSIOCSBTNMAP ioctl. The advisory notes potential system crash and possible privilege escalation. Affected disclosures reference pre-5.13.2 revisions (e.g., fixes upstream...
CVE-2020-13143
CVE-2020-13143 affects the Linux kernel USB gadget/configfs (drivers/usb/gadget/configfs.c) from 3.16 to 5.6.13. The flaw arises when gadget_dev_desc_UDC_store uses kstrdup and may encounter an internal NUL value, leading to potential out-of-bounds memory access (reported as heap out-of-bounds wr...
CVE-2020-29660
This CVE (CVE-2020-29660) affects the Linux kernel tty subsystem, specifically in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c, where a locking inconsistency can enable a local attacker to perform a read-after-free against TIOCGSID. Consequences stated in multiple advisories include memory ...
CVE-2020-36158
CVE-2020-36158 is a Linux kernel vulnerability in the Marvell mwifiex WiFi driver (join.c) that allows a long SSID to trigger a buffer overflow, potentially leading to system crash or arbitrary code execution. Affected trees include kernels up to 5.10.4; upstream patch (commit 5c455c5ab332) adds ...
CVE-2021-22946
CVE-2021-22946 affects curl before 7.82.0 (and within 7.20.0–7.78.0 per description) where the --ssl-reqd option or CURLUSESSL controls could be bypassed if a server crafts a legitimate response, allowing curl to continue without TLS. Connected sources confirm this flaw exists across multiple eco...
CVE-2019-19060
CVE-2019-19060 is a memory-leak vulnerability in the Linux kernel (discovered in adis_buffer.c: adis_update_scan_mode()) that can lead to memory exhaustion and DoS. Affected: Linux kernel versions before 5.3.9 (drivers/iio/imu/adis_buffer.c). Exploitation details are not provided in the documents...
CVE-2021-28660
CVE-2021-28660 affects the Realtek RTL8188EU WiFi driver (drivers/staging/rtl8188eu/os_dep/ioctl_linux.c) in the Linux kernel and is caused by writing beyond the end of the ssid[] array in rtw_wx_set_scan. The Connected documents confirm this exact issue across multiple advisories (e.g., Debian L...
CVE-2021-23133
CVE-2021-23133 is a race condition in the Linux kernel SCTP sockets (net/sctp/socket.c) prior to 5.12-rc8. If sctp_destroy_sock executes without sock_net(sk)->sctp.addr_wq_lock, an element is removed from the auto_asconf_splist list without proper locking, enabling a local attacker with networ...
CVE-2020-15436
The CVE-2020-15436 entry is confirmed by connected sources as a Linux kernel local-use-after-free vulnerability in fs/block_dev.c (pre-5.8). It enables a local attacker to gain elevated privileges or cause a denial of service by abusing improper access to a particular error field. The Linux kerne...
CVE-2021-22945
Summary: CVE-2021-22945 affects libcurl/curl when sending data to an MQTT server, where in some cases a pointer to freed memory could be reused and freed again. This is a memory-use-after-free/double-free issue in libcurl. What is affected: libcurl/curl (MQTT data transmission scenarios) with vul...
CVE-2019-19052
CVE-2019-19052 is a memory-leak vulnerability in the Linux kernel, specifically in drivers/net/can/usb/gs_usb.c within the gs_can_open() function. The issue allows a denial of service through memory consumption when usb_submit_urb() fails, affecting the kernel up to version before 5.3.11. The rea...
CVE-2020-25672
The CVE-2020-25672 entry refers to a memory-leak vulnerability in the Linux kernel NFC LLCP path (llcp_sock_connect). The issue is described as a memory leak in the NFC LLCP implementation, which can lead to resource exhaustion and denial of service when non-blocking socket operations trigger the...
CVE-2021-28375
The CVE-2021-28375 issue affects the Linux kernel up to 5.11.6, specifically fastrpc_internal_invoke in drivers/misc/fastrpc.c, which does not prevent user-space processes from sending kernel RPC messages. This is a local, privilege-escalation risk (as indicated by related CVE-2019-2308) that cou...
CVE-2021-28038
CVE-2021-28038 is a Linux kernel issue (through 5.11.3 with Xen PV) where the netback driver mishandles grant mapping errors, leaving memory allocation/error conditions untreated. In a Xen PV setup, a misbehaving networking frontend driver can trigger a host OS denial of service (Dom0 crash) from...
CVE-2020-25671
CVE-2020-25671 is a Linux kernel vulnerability in the NFC LLCP implementation where a refcount leak in llcp_sock_connect() can cause a use-after-free, potentially enabling privilege escalation or system crash via local access. Affected: Linux kernel NFC LLCP path; impact parameter: local attacker...
CVE-2020-14305
Mode C: CVE-2020-14305 is a Linux kernel vulnerability described in connected documents as an out-of-bounds memory write affecting the Voice Over IP H.323 connection tracking for ipv6 port 1720. An unauthenticated remote attacker could crash the system, causing DoS, with high impact on confidenti...
CVE-2021-28971
The CVE-2021-28971 vulnerability affects the Linux kernel: specifically, intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c can mishandle PEBS status on Haswell-era CPUs, potentially causing a system crash when userspace tools (e.g., perf-fuzzer) access performance events. The issue exists in...
CVE-2020-25692
CVE-2020-25692 affects OpenLDAP slapd. It is a NULL pointer dereference during a request to rename RDNs, allowing an unauthenticated remote attacker to crash slapd and cause Denial of Service. The fix is OpenLDAP 2.4.55. IBM/Red Hat advisories and the 2020 CVE entry document this issue and its re...
CVE-2021-31440
CVE-2021-31440 affects the Linux kernel, with the vulnerability in the eBPF verifier: improper validation of user-supplied eBPF programs can allow a local attacker to escalate privileges and execute code in kernel context. The issue is rooted in the handling/verification of eBPF programs, leading...
CVE-2019-15118
CVE-2019-15118 affects the Linux kernel up to version 5.2.9. The vulnerability arises from the function check_input_term in sound/usb/mixer.c , which mishandles recursion and can cause a kernel stack exhaustion leading to a crash. The connected Nessus entries corroborate the issue and reference U...
CVE-2020-9383
CVE-2020-9383 affects the Linux kernel floppy driver (set_fdc in drivers/block/floppy.c) where the FDC index is not checked for errors before assignment, causing a wait_til_ready out-of-bounds read. Impact per the CVE description: local attacker could cause a denial of service or privilege escala...
CVE-2021-42008
The CVE-2021-42008 entry concerns the Linux kernel 6pack driver (drivers/net/hamradio/6pack.c). It describes a slab out-of-bounds write in decode_data up to kernel versions before 5.13.13, enabling a local attacker with CAP_NET_ADMIN to achieve root access. Connected documents corroborate the aff...
CVE-2020-27350
Public technical details (affected package internals, exploit vectors, and fixes) for CVE-2020-27350 are not provided in the connected documents. The materials reference advisories but do not disclose root cause or remediation specifics; monitor for updates.
CVE-2021-28964
CVE-2021-28964: A race condition in get_old_root() in fs/btrfs/ctree.c of the Linux kernel up to 5.11.8 can allow a local attacker to cause a denial of service by cloning an extent buffer without proper locking. Connected documents confirm the Btrfs race condition and DoS impact but do not provid...
CVE-2020-25670
CVE-2020-25670 is a Linux kernel vulnerability affecting the NFC LLCP protocol implementation. The issue is a refcount leak in llcp_sock_bind() that can cause a use-after-free, with the potential for privilege escalation. The connected documents confirm the vulnerability and its association with ...
CVE-2021-28972
CVE-2021-28972 affects the Linux kernel RPA PCI Hotplug driver (drivers/pci/hotplug/rpadlpar_sysfs.c) up to version 5.11.8. It is a user‑tolerable buffer overflow caused by improper handling of drc_name termination in add_slot_store/remove_slot_store, allowing userspace to write into the kernel s...
CVE-2021-28952
CVE-2021-28952 concerns a buffer overflow in the Linux kernel’s sound/soc/qcom/sdm845.c soundwire driver when an unexpected port ID is encountered. Affected: Linux kernel 5.11.8 and earlier (through 5.11.x); root cause: buffer overflow in the driver. Impact described in sources as potentially ena...
CVE-2020-25668
CVE-2020-25668 is a Linux kernel vulnerability in the TTY subsystem (con_font_op) caused by unsynchronized access to fg_console, leading to a use-after-free. According to Debian, this can cause a crash or memory corruption and may enable privilege escalation; CloudLinux notes a fix was applied in...
CVE-2019-19054
CVE-2019-19054: A memory leak in the Linux kernel cx23888_ir_probe() function (drivers/media/pci/cx23885/cx23888-ir.c) through version 5.3.11 can lead to denial of service via memory consumption when kfifo_alloc() fails. Connected Nessus advisories (UNITY_LINUX_UTSA-2026-004170 and related entrie...
CVE-2021-3506
CVE-2021-3506 : An out-of-bounds memory access in fs/f2fs/node.c of the Linux kernel (f2fs module) allows a local attacker to read/write out-of-bounds memory, leading to a system crash or leakage of kernel information. Affected are kernel versions before 5.12.0-rc4. The description notes the high...
CVE-2021-42252
The CVE-2021-42252 issue affects the Linux kernel up to version 5.14.5 in aspeed_lpc_ctrl_mmap (drivers/soc/aspeed/aspeed-lpc-ctrl.c). A memory overwrite can occur via the Aspeed LPC control interface when a comparison uses non-memory-size values, enabling a local attacker to potentially escalate...
CVE-2020-27825
CVE-2020-27825: A use-after-free in Linux kernel kernel/trace/ring_buffer.c (before 5.10-rc1) enables a race between trace_open and cpu-buffer resize, allowing local DOS and potential information leaks. Affected: Linux kernel’s tracing ring buffer; root cause is a race on parallel CPU access. Mit...
CVE-2019-19448
CVE-2019-19448 is a use-after-free in Linux kernel’s Btrfs code (try_merge_free_space in fs/btrfs/free-space-cache.c). It can be triggered by mounting a crafted Btrfs image and performing operations followed by a syncfs, due to a pointer alias between left and right data structures. Affected: Lin...
CVE-2021-22901
CVE-2021-22901 affects curl/libcurl up to version 7.76.x for builds using OpenSSL. A use-after-free during TLS 1.3 session-ticket handling on a single connection can lead to remote code execution in rare cases. Impact is tied to memory access after freeing objects when a session ticket arrives on...