Oracle

Linux

228 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.

  • EPSS 0.02%
  • Published 01.05.2026 18:16:14
  • Last modified 05.05.2026 17:46:30

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range sh_link field. When root-level dtrace attaches to -- or instruments -- that process (via dtrace -p , pid probes, or USDT), the ELF parser r...

  • EPSS 0.02%
  • Published 01.05.2026 18:16:13
  • Last modified 05.05.2026 17:45:58

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer divide-by-zero in Pbuild_file_symtab().

  • EPSS 0.01%
  • Published 16.03.2026 21:36:44
  • Last modified 07.04.2026 01:02:06

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names.

Exploit
  • EPSS 0.11%
  • Published 30.05.2025 13:13:26
  • Last modified 12.05.2026 13:17:21

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, suc...

  • EPSS 0.07%
  • Published 02.05.2025 21:52:09
  • Last modified 10.11.2025 17:37:14

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is...

  • EPSS 0.07%
  • Published 24.12.2024 19:15:06
  • Last modified 18.06.2025 20:42:10

In the Linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Sec...

  • EPSS 0.02%
  • Published 20.09.2023 21:15:11
  • Last modified 21.11.2024 07:44:07

In the Unbreakable Enterprise Kernel (UEK), the RDS module in UEK has two setsockopt(2) options, RDS_CONN_RESET and RDS6_CONN_RESET, that are not re-entrant. A malicious local user with CAP_NET_ADMIN can use this to crash the kernel. CVSS 3.1 Base S...

Exploit
  • EPSS 0.07%
  • Published 29.08.2022 21:15:09
  • Last modified 21.11.2024 06:44:34

A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

  • EPSS 0.08%
  • Published 14.06.2022 18:15:08
  • Last modified 21.11.2024 06:44:50

The code in UEK6 U3 was missing an appropriate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An att...

  • EPSS 0.18%
  • Published 09.06.2022 21:15:07
  • Last modified 21.11.2024 06:44:50

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is...