Linux

Linux Kernel

14022 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2021-3764

  • EPSS 0.02%
  • Veröffentlicht 23.08.2022 16:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:22

A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system ...

5.5

CVE-2022-2873

  • EPSS 0.04%
  • Veröffentlicht 22.08.2022 15:15:15
  • Zuletzt bearbeitet 21.11.2024 07:01:51

An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to cra...

5.5

CVE-2021-3659

  • EPSS 0.02%
  • Veröffentlicht 22.08.2022 15:15:13
  • Zuletzt bearbeitet 21.11.2024 06:22:05

A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerabili...

6.7

CVE-2022-2503

Exploit
  • EPSS 0%
  • Veröffentlicht 12.08.2022 11:15:07
  • Zuletzt bearbeitet 21.11.2024 07:01:07

Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch...

7.8

CVE-2022-1158

Exploit
  • EPSS 0.02%
  • Veröffentlicht 05.08.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:40:09

A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host ...

7.1

CVE-2022-1973

  • EPSS 0.13%
  • Veröffentlicht 05.08.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:41:51

A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.

8.2

CVE-2022-1012

  • EPSS 0.28%
  • Veröffentlicht 05.08.2022 16:15:11
  • Zuletzt bearbeitet 21.11.2024 06:39:51

A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.

7.8

CVE-2022-36123

Exploit
  • EPSS 0.03%
  • Veröffentlicht 29.07.2022 14:15:08
  • Zuletzt bearbeitet 21.11.2024 07:12:26

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.

7.5

CVE-2022-36946

  • EPSS 4.82%
  • Veröffentlicht 27.07.2022 20:15:08
  • Zuletzt bearbeitet 05.05.2025 16:15:18

nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encou...

5.5

CVE-2022-36879

  • EPSS 0.03%
  • Veröffentlicht 27.07.2022 04:15:10
  • Zuletzt bearbeitet 05.05.2025 16:15:17

An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.