266 Total Results
Displaying 171-180 of 266
Attacker Value
Unknown

CVE-2022-0185

Disclosure Date: February 11, 2022 (last updated February 23, 2025)
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the length of the supplied parameters. A local user who is able to open a filesystem that does not support the Filesystem Context API (and thus falls back to legacy handling) could use this flaw to escalate their privileges on the system. The user can be unprivileged if unprivileged user namespaces are enabled; otherwise the namespaced CAP_SYS_ADMIN privilege is needed.
Attacker Value
Unknown

CVE-2022-24958

Disclosure Date: February 11, 2022 (last updated February 23, 2025)
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
Attacker Value
Unknown

CVE-2022-24122

Disclosure Date: January 29, 2022 (last updated February 23, 2025)
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
Attacker Value
Unknown

CVE-2021-22600

Disclosure Date: January 26, 2022 (last updated February 23, 2025)
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading the kernel past the affected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755.
Attacker Value
Unknown

CVE-2021-34866

Disclosure Date: January 25, 2022 (last updated February 23, 2025)
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14689.
Attacker Value
Unknown

CVE-2021-4083

Disclosure Date: January 18, 2022 (last updated February 23, 2025)
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers: when users call close() and fget() simultaneously, they can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.
Attacker Value
Unknown

CVE-2022-23222

Disclosure Date: January 14, 2022 (last updated February 23, 2025)
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
Attacker Value
Unknown

CVE-2021-45485

Disclosure Date: December 25, 2021 (last updated February 23, 2025)
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
Attacker Value
Unknown

CVE-2021-45469

Disclosure Date: December 23, 2021 (last updated February 23, 2025)
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
Attacker Value
Unknown

CVE-2021-44733

Disclosure Date: December 22, 2021 (last updated February 23, 2025)
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.