bpftool (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package bpftool, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (200)
CVE-2021-47548 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow…
CVE-2023-52801 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update of domains_itree after splitting iopt_area…
CVE-2024-35845 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The…
CVE-2024-35960 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously…
CVE-2022-1012 — CVSS 8.2 (high): A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This…
CVE-2022-41674 — CVSS 8.1 (high): An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the…
CVE-2022-42896 — CVSS 8.0 (high): There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req…
CVE-2023-52434 — CVSS 8.0 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate…
CVE-2024-26582 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: tls: fix use-after-free with partial reads and async decrypt…
CVE-2024-38556 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore Prevent…
CVE-2023-52922 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in…
CVE-2024-38586 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An…
CVE-2023-52864 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7…
CVE-2022-27666 — CVSS 7.8 (high): A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local…
CVE-2022-28893 — CVSS 7.8 (high): The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVE-2022-29581 — CVSS 7.8 (high): Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root…
CVE-2023-52667 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When…
CVE-2022-2964 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability…
CVE-2024-50226 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In…
CVE-2024-39502 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netif_napi_del() When queues are started…
CVE-2022-2639 — CVSS 7.8 (high): An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and…
CVE-2024-40927 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple…
CVE-2022-30594 — CVSS 7.8 (high): The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions…
CVE-2024-50262 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key()…
CVE-2024-36979 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious…
CVE-2022-33743 — CVSS 7.8 (high): network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in…
CVE-2024-50264 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in…
CVE-2024-26739 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb…
CVE-2024-36978 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune()…
CVE-2022-34918 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could…
CVE-2024-50125 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been…
CVE-2024-50124 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been…
CVE-2024-36921 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard…
CVE-2024-40939 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation…
CVE-2023-52439 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2…
CVE-2024-26852 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found…
CVE-2024-47675 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If…
CVE-2024-40954 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It…
CVE-2024-46713 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that…
CVE-2024-42284 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error…
CVE-2024-40958 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netns: Make get_net_ns() handle zero refcount net Syzkaller hit a…
CVE-2024-36904 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson…
CVE-2023-4147 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw…
CVE-2024-36886 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro…
CVE-2023-4004 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element…
CVE-2024-26930 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan…
CVE-2022-1055 — CVSS 7.8 (high): A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit…
CVE-2023-3776 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If…
CVE-2024-26961 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154_llsec_key_del…
CVE-2023-3610 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2023-35788 — CVSS 7.8 (high): An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write…
CVE-2022-39189 — CVSS 7.8 (high): An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel…
CVE-2021-47459 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv It…
CVE-2023-35001 — CVSS 7.8 (high): Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in…
CVE-2023-3390 — CVSS 7.8 (high): A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error…
CVE-2024-27022 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald…
CVE-2023-32233 — CVSS 7.8 (high): In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform…
CVE-2023-31248 — CVSS 7.8 (high): Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain…
CVE-2024-27049 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq() From commit…
CVE-2023-6931 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local…
CVE-2024-27065 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates…
CVE-2023-3090 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation…
CVE-2024-41073 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to…
CVE-2022-4139 — CVSS 7.8 (high): An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or…
CVE-2023-6932 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race…
CVE-2022-28390 — CVSS 7.8 (high): ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2024-38570 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM…
CVE-2024-1085 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2024-38562 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array…
CVE-2023-6040 — CVSS 7.8 (high): An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of…
CVE-2024-26581 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree…
CVE-2023-0461 — CVSS 7.8 (high): There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the…
CVE-2022-45934 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via…
CVE-2022-4744 — CVSS 7.8 (high): A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the…
CVE-2022-1882 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe…
CVE-2022-1998 — CVSS 7.8 (high): A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call…
CVE-2023-0179 — CVSS 7.8 (high): A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack…
CVE-2024-41096 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Fix UAF in msi_capability_init KFENCE reports the following…
CVE-2023-28464 — CVSS 7.8 (high): hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush)…
CVE-2022-1679 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_targ…
CVE-2022-42720 — CVSS 7.8 (high): Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be…
CVE-2023-2235 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The…
CVE-2024-35789 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When…
CVE-2024-35791 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in…
CVE-2023-2124 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure…
CVE-2023-21102 — CVSS 7.8 (high): In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This…
CVE-2021-47596 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg Currently…
CVE-2022-4378 — CVSS 7.8 (high): A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This…
CVE-2024-35911 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ice: fix memory corruption bug with suspend and rebuild The ice driver…
CVE-2024-36016 — CVSS 7.7 (high): In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the…
CVE-2024-42225 — CVSS 7.5 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing…
CVE-2022-36946 — CVSS 7.5 (high): nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service…
CVE-2024-21823 — CVSS 7.5 (high): Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors…
CVE-2023-39198 — CVSS 7.5 (high): A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the…
CVE-2022-4379 — CVSS 7.5 (high): A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to…
CVE-2022-43945 — CVSS 7.5 (high): The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages…
CVE-2024-38573 — CVSS 7.5 (high): In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference…
CVE-2024-27052 — CVSS 7.4 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue…
CVE-2024-35937 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like…
CVE-2024-36019 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcache_maple_drop() When…
CVE-2023-3567 — CVSS 7.1 (high): A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an…
CVE-2024-26982 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero…
CVE-2021-47383 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens…
CVE-2024-41014 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlog_recover_process_data There is a lack…
CVE-2024-41013 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block This adds sanity…
CVE-2024-26593 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel…
CVE-2024-38538 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes…
CVE-2024-39487 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In…
CVE-2024-26630 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we…
CVE-2023-52626 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll…
CVE-2024-35896 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: validate user input for expected length I got multiple…
CVE-2024-40929 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some…
CVE-2024-26673 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom…
CVE-2024-41091 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed…
CVE-2024-50115 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore…
CVE-2024-25743 — CVSS 7.1 (high): In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the…
CVE-2022-1353 — CVSS 7.1 (high): A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged…
CVE-2024-41090 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed…
CVE-2024-36883 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in ops_init net_alloc_generic is called…
CVE-2024-40978 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The…
CVE-2022-3028 — CVSS 7.0 (high): A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to…
CVE-2022-1729 — CVSS 7.0 (high): A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges…
CVE-2023-28466 — CVSS 7.0 (high): do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a…
CVE-2024-27397 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout…
CVE-2024-41040 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix UAF when resolving a clash KASAN reports the following…
CVE-2024-27020 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()…
CVE-2024-26974 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery During the PCI…
CVE-2022-1048 — CVSS 7.0 (high): A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The…
CVE-2024-36899 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The…
CVE-2021-3640 — CVSS 7.0 (high): A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER…
CVE-2024-46858 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: Fix uaf in __timer_delete_sync There are two paths to access…
CVE-2023-51043 — CVSS 7.0 (high): In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic…
CVE-2023-51779 — CVSS 7.0 (high): bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race…
CVE-2023-51780 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg…
CVE-2024-50275 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic…
CVE-2024-50154 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin…
CVE-2023-52578 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEV_STATS_INC() syzbot/KCSAN reported data-races in…
CVE-2022-20141 — CVSS 7.0 (high): In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege…
CVE-2022-2959 — CVSS 7.0 (high): A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within…
CVE-2023-6531 — CVSS 7.0 (high): A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with…
CVE-2023-6546 — CVSS 7.0 (high): A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the…
CVE-2023-24023 — CVSS 6.8 (medium): Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow…
CVE-2023-2002 — CVSS 6.8 (medium): A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux…
CVE-2022-1789 — CVSS 6.8 (medium): With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the…
CVE-2024-0565 — CVSS 6.8 (medium): An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the…
CVE-2024-26828 — CVSS 6.7 (medium): In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step…
CVE-2022-43750 — CVSS 6.7 (medium): drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the…
CVE-2024-26586 — CVSS 6.7 (medium): In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are…
CVE-2023-2194 — CVSS 6.7 (medium): An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was…
CVE-2022-21499 — CVSS 6.7 (medium): KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a…
CVE-2022-21505 — CVSS 6.7 (medium): In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine…
CVE-2021-33655 — CVSS 6.7 (medium): When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2022-3628 — CVSS 6.6 (medium): A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious…
CVE-2024-0841 — CVSS 6.6 (medium): A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality…
CVE-2024-25742 — CVSS 6.5 (medium): In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its…
CVE-2022-23825 — CVSS 6.5 (medium): Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information…
CVE-2023-6240 — CVSS 6.5 (medium): A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network…
CVE-2021-26341 — CVSS 6.5 (medium): Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
CVE-2023-28746 — CVSS 6.5 (medium): Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R)…
CVE-2024-26886 — CVSS 6.5 (medium): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on…
CVE-2022-29900 — CVSS 6.5 (medium): Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-depend…
CVE-2023-45863 — CVSS 6.4 (medium): An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that…
CVE-2023-52581 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired…
CVE-2022-1462 — CVSS 6.3 (medium): An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition…
CVE-2024-38544 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt In rxe_comp_queue_pkt()…
CVE-2022-38096 — CVSS 6.3 (medium): A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel…
CVE-2024-27030 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF…
CVE-2022-1280 — CVSS 6.3 (medium): A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This…
CVE-2024-50251 — CVSS 6.2 (medium): In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling…
CVE-2023-6915 — CVSS 6.2 (medium): A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this…
CVE-2024-35899 — CVSS 6.1 (medium): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: flush pending destroy work before exit_net…
CVE-2023-39193 — CVSS 6.1 (medium): A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows…
CVE-2023-52529 — CVSS 6.0 (medium): In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fix a potential memory leak in sony_probe() If an error…
CVE-2020-36516 — CVSS 5.9 (medium): An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy…
CVE-2022-2196 — CVSS 5.8 (medium): A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2…
CVE-2022-29901 — CVSS 5.6 (medium): Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the…
CVE-2023-25775 — CVSS 5.6 (medium): Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user…
CVE-2023-1998 — CVSS 5.6 (medium): The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the…
CVE-2024-26773 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in…
CVE-2021-47385 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary…
CVE-2021-47400 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3_nic_net_open repeatedly…
CVE-2021-47606 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len…
CVE-2022-0480 — CVSS 5.5 (medium): A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to…
CVE-2022-0617 — CVSS 5.5 (medium): A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter…
CVE-2022-0854 — CVSS 5.5 (medium): A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user…
CVE-2022-1016 — CVSS 5.5 (medium): A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to…
CVE-2022-1184 — CVSS 5.5 (medium): A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a…
CVE-2022-1852 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn…
CVE-2022-2078 — CVSS 5.5 (medium): A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer…
CVE-2022-21123 — CVSS 5.5 (medium): Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable…
CVE-2022-21125 — CVSS 5.5 (medium): Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable…
CVE-2022-21166 — CVSS 5.5 (medium): Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to…