Filtered by vendor Linux
Subscriptions
Filtered by product Linux Kernel
Subscriptions
Total
6928 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-21820 | 2 Linux, Nvidia | 2 Linux Kernel, Data Center Gpu Manager | 2024-08-03 | 6.3 Medium |
| NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity. | ||||
| CVE-2022-21817 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Omniverse Launcher | 2024-08-03 | 9.3 Critical |
| NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity. | ||||
| CVE-2022-21813 | 2 Linux, Nvidia | 9 Linux Kernel, Cloud Gaming Guest, Geforce and 6 more | 2024-08-03 | 6.1 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service. | ||||
| CVE-2022-21814 | 2 Linux, Nvidia | 7 Linux Kernel, Geforce, Gpu Display Driver and 4 more | 2024-08-03 | 6.1 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service. | ||||
| CVE-2022-21155 | 4 Apple, Fernhillsoftware, Linux and 1 more | 4 Macos, Scada Server, Linux Kernel and 1 more | 2024-08-03 | 7.5 High |
| A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process (FHSvrService.exe) to exit. | ||||
| CVE-2022-20108 | 3 Google, Linux, Mediatek | 38 Android, Linux Kernel, Mt9011 and 35 more | 2024-08-03 | 6.7 Medium |
| In voice service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330702; Issue ID: DTV03330702. | ||||
| CVE-2022-20107 | 3 Google, Linux, Mediatek | 38 Android, Linux Kernel, Mt9011 and 35 more | 2024-08-03 | 4.4 Medium |
| In subtitle service, there is a possible application crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330673; Issue ID: DTV03330673. | ||||
| CVE-2022-20105 | 3 Google, Linux, Mediatek | 38 Android, Linux Kernel, Mt9011 and 35 more | 2024-08-03 | 6.7 Medium |
| In MM service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; Issue ID: DTV03330460. | ||||
| CVE-2022-20106 | 3 Google, Linux, Mediatek | 38 Android, Linux Kernel, Mt9011 and 35 more | 2024-08-03 | 6.7 Medium |
| In MM service, there is a possible out of bounds write due to a heap-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; Issue ID: DTV03330460. | ||||
| CVE-2022-4895 | 2 Hitachi, Linux | 3 Infrastructure Analytics Advisor, Ops Center Analyzer, Linux Kernel | 2024-08-03 | 8.6 High |
| Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack.This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.1-00. | ||||
| CVE-2022-4842 | 1 Linux | 1 Linux Kernel | 2024-08-03 | 5.5 Medium |
| A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driver function attr_punch_hole() was found. A local user could use this flaw to crash the system. | ||||
| CVE-2022-4696 | 1 Linux | 1 Linux Kernel | 2024-08-03 | 7.8 High |
| There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_SPLICE operation. If IORING_OP_SPLICE is missing the IO_WQ_WORK_FILES flag, which signals that the operation won't use current->nsproxy, so its reference counter is not increased. This assumption is not always true as calling io_splice on specific files will call the get_uts function which will use current->nsproxy leading to invalidly decreasing its reference counter later causing the use-after-free vulnerability. We recommend upgrading to version 5.10.160 or above | ||||
| CVE-2022-4744 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2024-08-03 | 7.8 High |
| A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2022-4662 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-03 | 5.5 Medium |
| A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. | ||||
| CVE-2022-4543 | 1 Linux | 1 Linux Kernel | 2024-08-03 | 5.5 Medium |
| A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems. | ||||
| CVE-2022-4382 | 1 Linux | 1 Linux Kernel | 2024-08-03 | 6.4 Medium |
| A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side. | ||||
| CVE-2022-4379 | 3 Fedoraproject, Linux, Redhat | 4 Fedora, Linux Kernel, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
| A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial | ||||
| CVE-2022-4378 | 2 Linux, Redhat | 9 Linux Kernel, Enterprise Linux, Rhel Aus and 6 more | 2024-08-03 | 7.8 High |
| A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2022-4269 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-08-03 | 5.5 Medium |
| A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition. | ||||
| CVE-2022-4146 | 4 Hitachi, Linux, Microsoft and 1 more | 4 Replication Manager, Linux Kernel, Windows and 1 more | 2024-08-03 | 7.3 High |
| Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02. | ||||