- EPSS 0.73%
- Veröffentlicht 26.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:22:41
A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant wi...
CVE-2022-2991
- EPSS 0.41%
- Veröffentlicht 25.08.2022 18:15:10
- Zuletzt bearbeitet 21.11.2024 07:02:02
A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allo...
CVE-2022-2978
- EPSS 0.23%
- Veröffentlicht 24.08.2022 16:15:12
- Zuletzt bearbeitet 21.11.2024 07:02:01
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentiall...
CVE-2021-4037
- EPSS 0.28%
- Veröffentlicht 24.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:36:46
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set...
CVE-2021-4155
- EPSS 0.29%
- Veröffentlicht 24.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:37:00
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
CVE-2021-3714
- EPSS 1.1%
- Veröffentlicht 23.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:22:13
A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and ...
CVE-2021-3659
- EPSS 0.26%
- Veröffentlicht 22.08.2022 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:22:05
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerabili...
CVE-2022-26373
- EPSS 0.35%
- Veröffentlicht 18.08.2022 20:15:11
- Zuletzt bearbeitet 05.05.2025 17:18:03
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2022-2503
- EPSS 0.35%
- Veröffentlicht 12.08.2022 11:15:07
- Zuletzt bearbeitet 21.11.2024 07:01:07
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch...
CVE-2022-20368
- EPSS 0.13%
- Veröffentlicht 11.08.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 06:42:40
Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel