Linux

Linux Kernel

12290 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-23454

  • EPSS 0.05%
  • Published 12.01.2023 07:15:08
  • Last modified 20.03.2025 21:15:18

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than v...

5.5

CVE-2022-4543

Exploit
  • EPSS 0.2%
  • Published 11.01.2023 15:15:09
  • Last modified 08.04.2025 20:15:18

A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.

7.8

CVE-2022-4696

Exploit
  • EPSS 0.01%
  • Published 11.01.2023 13:15:09
  • Last modified 21.11.2024 07:35:45

There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_SPLICE operation. If IORING_OP_SPLICE is missing the IO_WQ_WORK_FILES flag, which signals that the operation won't use current->nsproxy, so its referen...

7.5

CVE-2022-4379

  • EPSS 0.41%
  • Published 10.01.2023 22:15:14
  • Last modified 08.04.2025 19:15:46

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial

6.4

CVE-2022-4382

Exploit
  • EPSS 0.02%
  • Published 10.01.2023 22:15:14
  • Last modified 09.04.2025 16:15:21

A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side.

8.8

CVE-2022-2196

  • EPSS 0.03%
  • Published 09.01.2023 11:15:10
  • Last modified 13.02.2025 17:15:40

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBR...

7.8

CVE-2022-4378

  • EPSS 0.02%
  • Published 05.01.2023 16:15:11
  • Last modified 10.04.2025 15:16:01

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.

5.5

CVE-2022-47946

Exploit
  • EPSS 0.02%
  • Published 23.12.2022 22:15:08
  • Last modified 15.04.2025 14:15:40

An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some...

8.1

CVE-2022-47943

  • EPSS 1.29%
  • Published 23.12.2022 17:15:08
  • Last modified 15.04.2025 14:15:39

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.

6.5

CVE-2022-47938

  • EPSS 4.61%
  • Published 23.12.2022 16:15:12
  • Last modified 15.04.2025 04:15:35

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.