Skip to main content

150 docs tagged with "Linux"

View all tags

CVE-1999-0894

Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other termin

CVE-2000-0048

get_it program in Corel Linux Update allows local users to gain root access by specifying an alterna

CVE-2000-1095

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary com

CVE-2000-1107

in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of servic

CVE-2000-1125

restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environment

CVE-2000-1136

elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows loc

CVE-2000-1183

Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long

CVE-2000-1189

Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain pr

CVE-2000-1220

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local us

CVE-2000-1221

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates b

CVE-2003-0984

Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their s

CVE-2004-0883

Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote sa

CVE-2004-0949

The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does n

CVE-2004-1016

The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, a

CVE-2004-1056

Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, whic

CVE-2004-1058

Race condition in Linux kernel 2.6 allows local users to read the environment variables of another p

CVE-2004-1068

A 'missing serialization' error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and

CVE-2004-1070

The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4

CVE-2004-1071

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does

CVE-2004-1072

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may

CVE-2004-1073

The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and

CVE-2004-1074

The binfmt functionality in the Linux kernel, when 'memory overcommit' is enabled, allows local user

CVE-2004-1137

Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2

CVE-2004-1151

Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia

CVE-2004-1190

SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent

CVE-2004-1191

Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of mem

CVE-2006-0035

The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to

CVE-2006-0071

The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, whic

CVE-2006-0095

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which lea

CVE-2006-0096

wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_

CVE-2006-0126

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linu

CVE-2006-6921

Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverab

CVE-2007-0125

Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infini

CVE-2007-5616

ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Lin

CVE-2009-0065

Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implem

CVE-2009-4536

drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles

CVE-2009-4537

drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly c

CVE-2009-4538

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not p

CVE-2010-0272

Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attacke

CVE-2010-0273

Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attacker

CVE-2010-3448

drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the

CVE-2010-3865

Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local u

CVE-2010-3873

The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, whic

CVE-2010-3875

The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel before 2.6.37-rc2 does not initi

CVE-2010-3876

net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain st

CVE-2010-3877

The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize

CVE-2010-3912

The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not 'disgui

CVE-2010-4160

Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2)

CVE-2010-4162

Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to caus

CVE-2010-4163

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local

CVE-2010-4164

Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the

CVE-2010-4175

Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) in Linux kernel 2.6.35 allows l

CVE-2010-4242

The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux k

CVE-2010-4247

The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c

CVE-2010-4526

Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.1

CVE-2010-4668

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows loc

CVE-2011-0404

Stack-based buffer overflow in NetSupport Manager Agent for Linux 11.00, for Solaris 9.50, and for M

CVE-2011-5247

Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field Re

CVE-2011-5250

Snare for Linux before 1.7.0 has CSRF in the web interface.

CVE-2013-6402

base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrit

CVE-2013-7263

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data st

CVE-2013-7264

The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certa

CVE-2013-7265

The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain

CVE-2013-7266

The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 doe

CVE-2013-7267

The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certai

CVE-2013-7268

The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel before 3.12.4 updates a certain len

CVE-2013-7269

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certai

CVE-2013-7270

The packet_recvmsg function in net/packet/af_packet.c in the Linux kernel before 3.12.4 updates a ce

CVE-2013-7271

The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain len

CVE-2013-7281

The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a cer

CVE-2013-7283

Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages i

CVE-2014-9428

The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. impleme

CVE-2014-9529

Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through

CVE-2014-9584

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 do

CVE-2014-9585

The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly c

CVE-2017-11003

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-11066

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-11069

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-11079

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-11080

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-11081

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-14869

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-14870

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-14873

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-14879

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-15129

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel befor

CVE-2017-15845

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-15847

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-15848

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-15849

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-15850

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-18017

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and

CVE-2017-9689

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-9705

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-9712

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2018-0743

Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 version 1709, and Windows Server,

CVE-2018-16882

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted inter

CVE-2018-16885

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and sim

CVE-2018-20131

The Code42 app before 6.8.4, as used in Code42 for Enterprise, on Linux installs with overly permiss

CVE-2018-5332

In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that

CVE-2018-5333

In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases

CVE-2018-5344

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which

CVE-2019-19332

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the

CVE-2019-19911

There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range fu

CVE-2019-20374

A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81

CVE-2019-3701

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The C

CVE-2019-5489

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attac

CVE-2019-5892

bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x befor

CVE-2020-26294

Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golan

CVE-2020-27835

A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found

CVE-2020-28374

In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier che

CVE-2020-35488

The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers

CVE-2020-36158

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel t

CVE-2021-21107

Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote at

CVE-2021-28714

Guest can force Linux netback driver to hog large amounts of kernel memory T Incoming data packets f

CVE-2021-28715

Guest can force Linux netback driver to hog large amounts of kernel memory T Incoming data packets f

CVE-2021-3600

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds inf

CVE-2021-43860

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1

CVE-2021-46283

nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local us

CVE-2022-2196

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution atta

CVE-2022-22704

The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to

CVE-2022-2588

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an o

CVE-2022-3628

A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occu

CVE-2022-3977

A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) f

CVE-2022-43534

A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance

CVE-2022-4378

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain

CVE-2022-4379

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux ker

CVE-2022-4382

A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver

CVE-2022-43970

A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware

CVE-2022-43971

An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Conne

CVE-2022-43973

An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router wit

CVE-2022-4696

There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_S

CVE-2022-4842

A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driver function attr_punch_hole() was foun

CVE-2022-48619

An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can

CVE-2023-1032

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socke

CVE-2023-23454

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a de

CVE-2023-23455

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a

CVE-2023-23559

In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is

CVE-2023-31036

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is laun

CVE-2023-34324

Closing of an event channel in the Linux kernel can result in a deadlock.This happens when the clos

CVE-2023-51780

An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-

CVE-2023-51781

An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a u

CVE-2023-51782

An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use

CVE-2023-6270

A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() fu

CVE-2023-7192

A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.

CVE-2024-0193

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall elem

CVE-2024-0213

A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user

CVE-2024-0340

A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does

CVE-2024-0443

A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to

CVE-2024-20681

Windows Subsystem for Linux Elevation of Privilege Vulnerability