|
Linux : Security Vulnerabilities (CVSS score between 8 and 8.99)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2021-28660 |
787 |
|
|
2021-03-17 |
2023-01-19 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base. |
2 |
CVE-2020-14305 |
787 |
|
DoS |
2020-12-02 |
2022-10-14 |
8.3 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Complete |
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
3 |
CVE-2019-17666 |
120 |
|
Overflow |
2019-10-17 |
2023-01-19 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. |
4 |
CVE-2019-3846 |
787 |
|
|
2019-06-03 |
2023-01-19 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. |
5 |
CVE-2018-14633 |
787 |
|
Overflow |
2018-09-25 |
2020-08-28 |
8.3 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Complete |
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable. |
6 |
CVE-2015-4004 |
119 |
|
DoS Overflow +Info |
2015-06-07 |
2022-12-12 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet. |
7 |
CVE-2011-3191 |
119 |
|
DoS Overflow Mem. Corr. |
2012-05-24 |
2022-11-03 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. |
8 |
CVE-2011-2497 |
191 |
|
DoS Overflow Mem. Corr. |
2011-08-29 |
2020-07-31 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical Link Control and Adaptation Protocol (L2CAP) configuration request, leading to a buffer overflow. |
9 |
CVE-2010-3705 |
400 |
|
DoS Mem. Corr. |
2010-11-26 |
2020-08-10 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array. |
10 |
CVE-2008-4395 |
119 |
|
Exec Code Overflow |
2008-11-06 |
2017-08-08 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs. |
Total number of vulnerabilities : 10
Page :
1
(This Page)
|
|
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is
MITRE's CVE web site.
CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is
MITRE's CWE web site.
OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is
MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user's risk.
It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.
ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT,
INDIRECT or any other kind of loss.