U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.31.13
There are 1,819 matching records.
Displaying matches 361 through 380.
Vuln ID Summary CVSS Severity
CVE-2021-20321

A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.

Published: February 18, 2022; 1:15:08 PM -0500
V3.1: 4.7 MEDIUM
V2.0: 4.7 MEDIUM
CVE-2021-20320

A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.

Published: February 18, 2022; 1:15:08 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.

Published: February 16, 2022; 4:15:08 PM -0500
V3.1: 7.8 HIGH
V2.0: 4.4 MEDIUM
CVE-2022-25258

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.

Published: February 16, 2022; 3:15:07 PM -0500
V3.1: 4.6 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.

Published: February 16, 2022; 2:15:08 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2021-3753

A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.

Published: February 16, 2022; 2:15:08 PM -0500
V3.1: 4.7 MEDIUM
V2.0: 1.9 LOW
CVE-2021-3752

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Published: February 16, 2022; 2:15:08 PM -0500
V3.1: 7.1 HIGH
V2.0: 7.9 HIGH
CVE-2021-44879

In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.

Published: February 14, 2022; 7:15:15 AM -0500
V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2022-0382

An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1.

Published: February 11, 2022; 1:15:10 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-45402

The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."

Published: February 11, 2022; 10:15:07 AM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-24959

An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.

Published: February 11, 2022; 1:15:06 AM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-24958

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.

Published: February 11, 2022; 1:15:06 AM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2022-0487

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

Published: February 04, 2022; 6:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-0264

A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. This flaws affects kernel versions < v5.16-rc6

Published: February 04, 2022; 6:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-24448

An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.

Published: February 04, 2022; 3:15:08 PM -0500
V3.1: 3.3 LOW
V2.0: 1.9 LOW
CVE-2021-4032

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with special user privilege to cause a denial of service. This flaw affects kernel versions prior to 5.15 rc7.

Published: January 21, 2022; 2:15:09 PM -0500
V3.1: 4.4 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2021-4001

A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2.

Published: January 21, 2022; 2:15:09 PM -0500
V3.1: 4.1 MEDIUM
V2.0: 4.7 MEDIUM
CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.

Published: January 18, 2022; 12:15:09 PM -0500
V3.1: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2021-46283

nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace.

Published: January 11, 2022; 5:15:07 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2021-28715

Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714)

Published: January 06, 2022; 1:15:07 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 2.1 LOW