U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Linux kernel
  • Search Type: Search All
There are 3,261 matching records.
Displaying matches 161 through 180.
Vuln ID Summary CVSS Severity
CVE-2021-26931

An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though. This affects drivers/block/xen-blkback/blkback.c and drivers/xen/xen-scsiback.c.

Published: February 16, 2021; 9:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 1.9 LOW
CVE-2021-26930

An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error. This affects drivers/block/xen-blkback/blkback.c.

Published: February 16, 2021; 8:15:13 PM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-26708

A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.

Published: February 05, 2021; 9:15:18 AM -0500
V3.1: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2020-24490

Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.

Published: February 02, 2021; 5:15:12 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW
CVE-2021-3348

nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.

Published: January 31, 2021; 11:15:14 PM -0500
V3.1: 7.0 HIGH
V2.0: 4.4 MEDIUM
CVE-2021-3347

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.

Published: January 29, 2021; 12:15:12 PM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2020-35513

A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with access to the NFS could use this flaw to starve the resources causing denial of service.

Published: January 26, 2021; 1:15:54 PM -0500
V3.1: 4.9 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2021-3178

** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior.

Published: January 19, 2021; 2:15:13 AM -0500
V3.1: 6.5 MEDIUM
V2.0: 5.5 MEDIUM
CVE-2020-16119

Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.

Published: January 13, 2021; 8:15:13 PM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-28374

In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore.

Published: January 12, 2021; 11:15:12 PM -0500
V3.1: 8.1 HIGH
V2.0: 5.5 MEDIUM
CVE-2021-1056

NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.

Published: January 07, 2021; 8:15:14 PM -0500
V3.1: 7.1 HIGH
V2.0: 3.6 LOW
CVE-2021-1053

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.

Published: January 07, 2021; 8:15:14 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-1052

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.

Published: January 07, 2021; 8:15:14 PM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2020-27835

A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.

Published: January 07, 2021; 1:15:13 PM -0500
V3.1: 4.4 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2020-36158

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.

Published: January 05, 2021; 12:15:10 AM -0500
V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2020-29569

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and disconnect. As a consequence, the block backend may re-use a pointer after it was freed. A misbehaving guest can trigger a dom0 crash by continuously connecting / disconnecting a block frontend. Privilege escalation and information leaks cannot be ruled out. This only affects systems with a Linux blkback.

Published: December 15, 2020; 12:15:14 PM -0500
V3.1: 8.8 HIGH
V2.0: 7.2 HIGH
CVE-2020-27777

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.

Published: December 15, 2020; 12:15:14 PM -0500
V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2020-27825

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.

Published: December 11, 2020; 2:15:12 PM -0500
V3.1: 5.7 MEDIUM
V2.0: 5.4 MEDIUM
CVE-2020-27786

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Published: December 11, 2020; 12:15:12 AM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2020-29661

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

Published: December 09, 2020; 12:15:31 PM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH