Linux Kernel vulnerabilities

CVE-2022-36402 [MEDIUM] CWE-118 CVE-2022-36402: An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

CVE-2022-38457 [MEDIUM] CWE-416 CVE-2022-38457: A use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/ A use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

CVE-2022-40133 [MEDIUM] CWE-416 CVE-2022-40133: A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf_tie_context' in drivers/gpu/v A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf_tie_context' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

CVE-2022-38096 [MEDIUM] CWE-476 CVE-2022-38096: A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_exe A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

CVE-2022-36280 [MEDIUM] CWE-120 CVE-2022-36280: An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/v An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

CVE-2022-1116 [HIGH] CWE-190 CVE-2022-1116: Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to ca Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.

CVE-2022-29581 [HIGH] CWE-911 CVE-2022-29581: Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.

CVE-2022-1055 [HIGH] CWE-416 CVE-2022-1055: A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to g A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

CVE-2022-0742 [CRITICAL] CWE-275 CVE-2022-0742: Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.

CVE-2021-34866 [HIGH] CWE-843 CVE-2021-34866: This vulnerability allows local attackers to escalate privileges on affected installations of Linux This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of prope

CVE-2021-31440 [HIGH] CWE-682 CVE-2021-31440: This vulnerability allows local attackers to escalate privileges on affected installations of Linux This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper

CVE-2021-3444 [HIGH] CWE-681 CVE-2021-3444: The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation w The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could pote

CVE-2019-19332 [MEDIUM] CWE-787 CVE-2019-19332: An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting

CVE-2019-14815 [HIGH] CWE-122 CVE-2019-14815: A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.

CVE-2014-3180 [CRITICAL] CWE-125 CVE-2014-3180: In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable

CVE-2019-14816 [HIGH] CWE-122 CVE-2019-14816: There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wif There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

CVE-2019-14814 [HIGH] CWE-122 CVE-2019-14814: There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marve There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

CVE-2019-14821 [HIGH] CWE-787 CVE-2019-14821: An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Li An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process.

CVE-2018-10853 [HIGH] CWE-250 CVE-2018-10853: A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sg A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.

CVE-2018-5391 [HIGH] CWE-400 CVE-2018-5391: The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of speci The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current