Linux: >> Linux Kernel >> 2.6.16.11 Security Vulnerabilities
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.
CVSS Score
5.1
EPSS Score
0.0
Published
2022-07-21
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.
CVSS Score
5.1
EPSS Score
0.0
Published
2022-07-21
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
CVSS Score
6.8
EPSS Score
0.0
Published
2022-07-18
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-07-18
A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-07-14
The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-07-13
Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-07-12
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-07-06
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).
CVSS Score
7.1
EPSS Score
0.0
Published
2022-07-05
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).
CVSS Score
7.1
EPSS Score
0.0
Published
2022-07-05