CVE-2022-0330
- EPSS 0.38%
- Veröffentlicht 25.03.2022 19:15:10
- Zuletzt bearbeitet 21.11.2024 06:38:23
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.
- EPSS 67.99%
- Veröffentlicht 25.03.2022 19:15:10
- Zuletzt bearbeitet 21.11.2024 06:38:37
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash t...
CVE-2021-3941
- EPSS 0.29%
- Veröffentlicht 25.03.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:22:49
In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A spec...
CVE-2022-0996
- EPSS 1.53%
- Veröffentlicht 23.03.2022 20:15:10
- Zuletzt bearbeitet 03.11.2025 21:15:50
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
CVE-2021-3748
- EPSS 0.52%
- Veröffentlicht 23.03.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:22:19
A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious gues...
CVE-2022-27666
- EPSS 5.52%
- Veröffentlicht 23.03.2022 06:15:06
- Zuletzt bearbeitet 21.11.2024 06:56:08
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation ...
CVE-2022-1011
- EPSS 1.17%
- Veröffentlicht 18.03.2022 18:15:12
- Zuletzt bearbeitet 21.11.2024 06:39:51
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.
CVE-2022-0918
- EPSS 5.91%
- Veröffentlicht 16.03.2022 15:15:16
- Zuletzt bearbeitet 03.11.2025 21:15:50
A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, n...
CVE-2021-20257
- EPSS 0.36%
- Veröffentlicht 16.03.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 05:46:13
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to cons...
- EPSS 89.06%
- Veröffentlicht 10.03.2022 17:44:57
- Zuletzt bearbeitet 06.11.2025 14:50:37
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user co...