Lucene search
K

10 matches found

CVE
CVE
added 2025/05/30 1:13 p.m.391 views

CVE-2025-4598

The CVE-2025-4598 entry concerns a race condition in systemd-coredump that can let a local attacker read a crashed SUID process’s core dump. Affected component is systemd and its coredump handling; root cause is a kill-and-replace race where the kernel recycles a PID before systemd-coredump can a...

4.7CVSS6.5AI score0.00641EPSS
CVE
CVE
added 2024/12/24 6:48 p.m.318 views

CVE-2022-21505

CVE-2022-21505: In the Linux kernel IMA, enabling appraisal with ima_appraise=log can bypass lockdown on systems where Secure Boot is disabled or unavailable. IMA blocks ima_appraise=log via boot params when Secure Boot is enabled, but this protection does not cover lockdown used without Secure B...

6.7CVSS7AI score0.002EPSS
CVE
CVE
added 2022/06/09 8:15 p.m.303 views

CVE-2022-21499

CVE-2022-21499: KGDB/KDB can read/write kernel memory if lockdown is triggered; attacker with serial-port access could trigger debugger. Connected advisories reiter the risk and note the need to ensure lockdown mode is respected, but do not specify a patched version or remediation beyond that. Th...

6.7CVSS7AI score0.00612EPSS
CVE
CVE
added 2022/02/16 4:37 p.m.159 views

CVE-2021-3551

CVE-2021-3551 is described in connected documents as a vulnerability in the PKI-server where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This allows a local attacker to retrieve the log and obtain the admin password, enabling admin privile...

7.8CVSS7.3AI score0.00183EPSS
CVE
CVE
added 2023/09/20 8:39 p.m.155 views

CVE-2023-22024

CVE-2023-22024 affects the Unbreakable Enterprise Kernel (UEK) RDS module, where two setsockopt options (RDS_CONN_RESET and RDS6_CONN_RESET) are not re-entrant. A local attacker with CAP_NET_ADMIN can crash the kernel. Connected advisories (e.g., Oracle ELSA updates) indicate a security update ad...

5.5CVSS5.2AI score0.00168EPSS
CVE
CVE
added 2021/09/24 6:55 p.m.70 views

CVE-2021-2464

CVE-2021-2464 affects Oracle Linux OSwatcher (OSwatcher component) on Oracle Linux 7 and 8. The vulnerability is described as easily exploitable by a low-privilege attacker with logon to the infrastructure where Oracle Linux runs, potentially leading to takeover of Oracle Linux. CVSS 3.1 base sco...

7.8CVSS7.5AI score0.00323EPSS
CVE
CVE
added 2022/06/14 5:50 p.m.61 views

CVE-2022-21504

CVE-2022-21504 affects Oracle UEK 6 U3, where a missing file descriptor count in UEK6 U3 can lead to a use-after-free-like condition: a socket’s descriptor may be closed/freed while still in use, allowing local access to cause a denial of service. The CVE is documented with CVSS 3.1 base score 5....

5.5CVSS5.2AI score0.00248EPSS
CVE
CVE
added 2026/05/01 5:53 p.m.20 views

CVE-2026-35233

CVE-2026-35233 is active in the Oracle Linux dtrace subsystem. An unprivileged user can craft a binary with an out-of-range sh_link, enabling an ELF parser to read memory beyond the allocated section cache due to missing bounds checks during object symbol table construction. This can cause a NULL...

4.4CVSS5.8AI score0.00108EPSS
CVE
CVE
added 2026/03/16 9:36 p.m.15 views

CVE-2026-21991

The CVE-2026-21991 issue affects the DTrace component dtprobed, specifically its handling of USDT probes, enabling arbitrary file creation through crafted provider names. Multiple connected advisories confirm dtprobed as the vulnerable element and describe the risk of code execution as a worst-ca...

5.5CVSS5.9AI score0.00181EPSS
CVE
CVE
added 2026/05/01 5:51 p.m.12 views

CVE-2026-21996

CVE-2026-21996 affects dtrace: an unprivileged, local attacker can trigger a crash in the dtrace process by feeding a malicious ELF binary, caused by an integer Divide-by-Zero in Pbuild_file_symtab(). Several advisories (e.g., Oracle ELSA-2026-50249) indicate a security update addressing this iss...

5.5CVSS5.8AI score0.0011EPSS