jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.
Max CVSS: 7.0 | EPSS Score: 0.04% | Published: 2022-04-08 | Updated: 2023-08-29
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
Max CVSS: 7.8 | EPSS Score: 0.04% | Published: 2022-03-23 | Updated: 2023-02-01
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service.
Max CVSS: 5.5 | EPSS Score: 0.05% | Published: 2022-09-06 | Updated: 2023-06-23
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service.
Max CVSS: 5.5 | EPSS Score: 0.05% | Published: 2022-09-06 | Updated: 2023-02-12
A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.
Max CVSS: 7.8 | EPSS Score: 0.07% | Published: 2022-09-06 | Updated: 2023-02-12
When rendering certain Unicode sequences, grub2's font code does not properly validate whether the given glyph's width and height are constrained within the bitmap size. As a consequence, an attacker can craft an input that leads to an out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution cannot be ruled out.
Max CVSS: 7.1 | EPSS Score: 0.04% | Published: 2022-12-19 | Updated: 2023-11-25
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
Max CVSS: 7.8 | EPSS Score: 0.04% | Published: 2022-09-09 | Updated: 2023-01-20
A vulnerability was found in jasper. It is caused by a memory leak bug in the function cmdopts_parse that can cause a crash or segmentation fault.
Max CVSS: 7.5 | EPSS Score: 0.09% | Published: 2022-10-14 | Updated: 2022-10-18
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
Max CVSS: 7.8 | EPSS Score: 0.04% | Published: 2022-08-23 | Updated: 2023-01-20
A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514.
Max CVSS: 6.5 | EPSS Score: 0.08% | Published: 2022-10-14 | Updated: 2023-05-18
A vulnerability was found in gnutls. A double free error occurs during verification of pkcs7 signatures in the gnutls_pkcs7_verify function.
Max CVSS: 7.5 | EPSS Score: 0.18% | Published: 2022-08-01 | Updated: 2022-08-19
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.
Max CVSS: 5.5 | EPSS Score: 0.04% | Published: 2022-08-31 | Updated: 2022-11-21
A use-after-free in the Linux kernel File System notify functionality was found in the way a user triggers the copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
Max CVSS: 7.8 | EPSS Score: 0.04% | Published: 2022-06-09 | Updated: 2023-05-16
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in a guest on an Intel CPU.
Max CVSS: 5.5 | EPSS Score: 0.04% | Published: 2022-06-30 | Updated: 2022-10-26
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.
Max CVSS: 6.9 | EPSS Score: 0.15% | Published: 2022-06-02 | Updated: 2022-06-15
The Linux kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
Max CVSS: 7.8 | EPSS Score: 0.04% | Published: 2022-06-02 | Updated: 2023-03-01
A heap buffer overflow flaw was found in the TIFFReadRawDataStriped() function in Libtiff's tiffinfo.c. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
Max CVSS: 5.5 | EPSS Score: 0.08% | Published: 2022-08-31 | Updated: 2023-02-23
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.
Max CVSS: 7.8 | EPSS Score: 0.07% | Published: 2022-04-14 | Updated: 2023-02-12
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local attacker with user privileges to cause a denial of service (DoS) or a kernel information leak.
Max CVSS: 6.3 | EPSS Score: 0.04% | Published: 2022-04-13 | Updated: 2022-04-20
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.
Max CVSS: 5.5 | EPSS Score: 0.04% | Published: 2022-08-31 | Updated: 2022-09-07
A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.
Max CVSS: 7.5 | EPSS Score: 0.22% | Published: 2022-08-29 | Updated: 2023-02-02
A use-after-free vulnerability was discovered in drivers/net/hamradio/6pack.c of the Linux kernel that allows an attacker to crash the Linux kernel by simulating an ax25 device using the 6pack driver from user space.
Max CVSS: 5.5 | EPSS Score: 0.05% | Published: 2022-08-29 | Updated: 2022-09-06
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.
Max CVSS: 5.5 | EPSS Score: 0.04% | Published: 2022-08-29 | Updated: 2023-12-20
A use-after-free exists in the Linux kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5.
Max CVSS: 7.8 | EPSS Score: 0.04% | Published: 2022-03-29 | Updated: 2022-10-19
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Max CVSS: 7.0 | EPSS Score: 0.04% | Published: 2022-04-29 | Updated: 2024-01-21
62 vulnerabilities found