In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential null pointer dereference. The amdgpu_ras_get_context may return NULL if the device does not support the RAS feature, so add a check before using it.
Source: Linux
Max CVSS
9.1
EPSS Score
0.04%
Published
2024-05-21
Updated
2024-07-03
An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read.
Source: MITRE
Max CVSS
9.1
EPSS Score
0.12%
Published
2023-07-18
Updated
2023-12-22
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.
Source: MITRE
Max CVSS
9.1
EPSS Score
0.07%
Published
2023-07-18
Updated
2024-06-18
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read.
Source: MITRE
Max CVSS
9.1
EPSS Score
0.07%
Published
2023-07-18
Updated
2024-06-18
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.11%
Published
2023-07-18
Updated
2023-12-22
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read.
Source: MITRE
Max CVSS
9.1
EPSS Score
0.12%
Published
2023-07-18
Updated
2023-12-15
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.07%
Published
2023-07-18
Updated
2023-11-17
An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length.
Source: MITRE
Max CVSS
9.1
EPSS Score
0.10%
Published
2023-07-18
Updated
2023-12-22
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.
Source: Red Hat, Inc.
Max CVSS
9.8
EPSS Score
0.33%
Published
2023-07-10
Updated
2023-07-17
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.
Source: Red Hat, Inc.
Max CVSS
9.0
EPSS Score
0.33%
Published
2023-07-10
Updated
2023-07-17
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
Source: Google Inc.
Max CVSS
10.0
EPSS Score
0.04%
Published
2023-09-20
Updated
2024-05-21
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.87%
Published
2022-12-23
Updated
2023-05-16
Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.
Source: Google Inc.
Max CVSS
9.1
EPSS Score
0.31%
Published
2022-03-18
Updated
2023-01-20
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
Source: Red Hat, Inc.
Max CVSS
9.0
EPSS Score
1.34%
Published
2022-03-25
Updated
2023-02-14
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
Source: MITRE
Max CVSS
9.8
EPSS Score
4.34%
Published
2021-11-02
Updated
2022-11-03
Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to achieve arbitrary code execution by replacing the FOTA update file.
Source: Samsung Mobile
Max CVSS
10.0
EPSS Score
0.48%
Published
2021-07-08
Updated
2022-07-14
Improper input validation vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows arbitrary code execution via Samsung Accessory Protocol.
Source: Samsung Mobile
Max CVSS
9.8
EPSS Score
0.41%
Published
2021-07-08
Updated
2021-07-14
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using recovery partition in wireless firmware download mode.
Source: Samsung Mobile
Max CVSS
9.8
EPSS Score
0.41%
Published
2021-07-08
Updated
2021-07-14
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using param partition in wireless firmware download mode.
Source: Samsung Mobile
Max CVSS
9.8
EPSS Score
0.41%
Published
2021-07-08
Updated
2021-07-14
A flaw in netfilter could allow a network-connected attacker to infer OpenVPN connection endpoint information for further use in traditional network attacks.
Source: Red Hat, Inc.
Max CVSS
9.8
EPSS Score
0.80%
Published
2022-02-16
Updated
2023-02-24
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.
Source: MITRE
Max CVSS
9.3
EPSS Score
0.12%
Published
2019-12-17
Updated
2023-01-19
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
Source: MITRE
Max CVSS
9.3
EPSS Score
0.08%
Published
2019-12-17
Updated
2020-01-03
An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.57%
Published
2019-11-07
Updated
2020-08-12
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.70%
Published
2019-11-07
Updated
2021-06-22
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
Source: MITRE
Max CVSS
9.8
EPSS Score
1.21%
Published
2019-10-04
Updated
2022-11-03
170 vulnerabilities found