CVE-2022-20166
- EPSS 0.15%
- Veröffentlicht 15.06.2022 14:15:11
- Zuletzt bearbeitet 21.11.2024 06:42:16
In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitatio...
CVE-2022-1280
- EPSS 0.27%
- Veröffentlicht 13.04.2022 18:15:09
- Zuletzt bearbeitet 21.11.2024 06:40:24
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
CVE-2021-39801
- EPSS 0.11%
- Veröffentlicht 12.04.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:20:15
In ion_ioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android...
CVE-2021-3847
- EPSS 0.45%
- Veröffentlicht 01.04.2022 23:15:10
- Zuletzt bearbeitet 21.11.2024 06:22:38
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. A local user could use this flaw to esc...
CVE-2020-35501
- EPSS 0.24%
- Veröffentlicht 30.03.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 05:27:26
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem
- EPSS 0.15%
- Veröffentlicht 16.03.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 06:20:00
In several functions of binder.c, there is a possible way to represent the wrong domain to SELinux due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not neede...
- EPSS 0.36%
- Veröffentlicht 10.03.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:47:52
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table i...
CVE-2022-25265
- EPSS 1.05%
- Veröffentlicht 16.02.2022 21:15:08
- Zuletzt bearbeitet 21.11.2024 06:51:54
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable ...
CVE-2021-3773
- EPSS 5.28%
- Veröffentlicht 16.02.2022 19:15:08
- Zuletzt bearbeitet 28.03.2025 15:15:41
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
CVE-2021-44879
- EPSS 1.23%
- Veröffentlicht 14.02.2022 12:15:15
- Zuletzt bearbeitet 21.11.2024 06:31:39
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.