Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-2444

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-14 May, 2007 | 21:00
Updated At-07 Aug, 2024 | 13:42
Rejected At-
Credits

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:14 May, 2007 | 21:00
Updated At:07 Aug, 2024 | 13:42
Rejected At:
▼CVE Numbering Authority (CNA)

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://security.gentoo.org/glsa/glsa-200705-15.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/25289
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1805
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/25772
third-party-advisory
x_refsource_SECUNIA
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
vendor-advisory
x_refsource_OPENPKG
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/25270
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/468670/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2007/2281
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/2210
vdb-entry
x_refsource_VUPEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
vendor-advisory
x_refsource_HP
http://www.trustix.org/errata/2007/0017/
vendor-advisory
x_refsource_TRUSTIX
http://www.securitytracker.com/id?1018049
vdb-entry
x_refsource_SECTRACK
http://www.ubuntu.com/usn/usn-460-1
vendor-advisory
x_refsource_UBUNTU
http://securityreason.com/securityalert/2701
third-party-advisory
x_refsource_SREASON
http://secunia.com/advisories/25241
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/25256
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1366
x_refsource_CONFIRM
http://secunia.com/advisories/25259
third-party-advisory
x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
vendor-advisory
x_refsource_SLACKWARE
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
vendor-advisory
x_refsource_SUNALERT
http://www.debian.org/security/2007/dsa-1291
vendor-advisory
x_refsource_DEBIAN
http://www.securityfocus.com/archive/1/468548/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
vendor-advisory
x_refsource_HP
http://secunia.com/advisories/25232
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/25251
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
vendor-advisory
x_refsource_SUNALERT
http://www.ubuntu.com/usn/usn-460-2
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/25246
third-party-advisory
x_refsource_SECUNIA
http://osvdb.org/34698
vdb-entry
x_refsource_OSVDB
http://secunia.com/advisories/25255
third-party-advisory
x_refsource_SECUNIA
http://www.samba.org/samba/security/CVE-2007-2444.html
x_refsource_CONFIRM
http://www.securityfocus.com/bid/23974
vdb-entry
x_refsource_BID
http://secunia.com/advisories/25675
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200705-15.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/25289
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/1805
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/25772
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Resource:
vendor-advisory
x_refsource_OPENPKG
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/25270
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/468670/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.vupen.com/english/advisories/2007/2281
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2007/2210
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.trustix.org/errata/2007/0017/
Resource:
vendor-advisory
x_refsource_TRUSTIX
Hyperlink: http://www.securitytracker.com/id?1018049
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.ubuntu.com/usn/usn-460-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://securityreason.com/securityalert/2701
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://secunia.com/advisories/25241
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/25256
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-1366
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/25259
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.debian.org/security/2007/dsa-1291
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securityfocus.com/archive/1/468548/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/25232
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/25251
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.ubuntu.com/usn/usn-460-2
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/25246
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://osvdb.org/34698
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://secunia.com/advisories/25255
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.samba.org/samba/security/CVE-2007-2444.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/23974
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/25675
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://security.gentoo.org/glsa/glsa-200705-15.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/25289
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/1805
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/25772
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
vendor-advisory
x_refsource_OPENPKG
x_transferred
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/25270
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/468670/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.vupen.com/english/advisories/2007/2281
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2007/2210
vdb-entry
x_refsource_VUPEN
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
vendor-advisory
x_refsource_HP
x_transferred
http://www.trustix.org/errata/2007/0017/
vendor-advisory
x_refsource_TRUSTIX
x_transferred
http://www.securitytracker.com/id?1018049
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.ubuntu.com/usn/usn-460-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://securityreason.com/securityalert/2701
third-party-advisory
x_refsource_SREASON
x_transferred
http://secunia.com/advisories/25241
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/25256
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-1366
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/25259
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
vendor-advisory
x_refsource_SLACKWARE
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.debian.org/security/2007/dsa-1291
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securityfocus.com/archive/1/468548/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
vendor-advisory
x_refsource_HP
x_transferred
http://secunia.com/advisories/25232
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/25251
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.ubuntu.com/usn/usn-460-2
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/25246
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://osvdb.org/34698
vdb-entry
x_refsource_OSVDB
x_transferred
http://secunia.com/advisories/25255
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.samba.org/samba/security/CVE-2007-2444.html
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/23974
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/25675
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200705-15.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/25289
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/1805
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/25772
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Resource:
vendor-advisory
x_refsource_OPENPKG
x_transferred
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/25270
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/468670/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2281
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2210
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.trustix.org/errata/2007/0017/
Resource:
vendor-advisory
x_refsource_TRUSTIX
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018049
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-460-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://securityreason.com/securityalert/2701
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://secunia.com/advisories/25241
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/25256
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1366
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/25259
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.debian.org/security/2007/dsa-1291
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/468548/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/25232
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/25251
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-460-2
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/25246
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://osvdb.org/34698
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://secunia.com/advisories/25255
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.samba.org/samba/security/CVE-2007-2444.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/23974
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/25675
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:14 May, 2007 | 21:19
Updated At:23 Apr, 2026 | 00:35

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches

Samba
samba
>>samba>>3.0.23d
cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.24
cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.25
cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>5.0
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.06
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.10
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>7.04
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-269Primarynvd@nist.gov
CWE ID: CWE-269
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

Organization : Red Hat
Last Modified : 2007-05-15T00:00:00

Not vulnerable. These issues did not affect the versions of Samba as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.

References
HyperlinkSourceResource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980secalert@redhat.com
Broken Link
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://osvdb.org/34698secalert@redhat.com
Broken Link
http://secunia.com/advisories/25232secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25241secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25246secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25251secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25255secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25256secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25259secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25270secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25289secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25675secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25772secalert@redhat.com
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200705-15.xmlsecalert@redhat.com
Third Party Advisory
http://securityreason.com/securityalert/2701secalert@redhat.com
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906secalert@redhat.com
Mailing List
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1secalert@redhat.com
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1secalert@redhat.com
Broken Link
http://www.debian.org/security/2007/dsa-1291secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104secalert@redhat.com
Broken Link
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.htmlsecalert@redhat.com
Third Party Advisory
http://www.samba.org/samba/security/CVE-2007-2444.htmlsecalert@redhat.com
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/468548/100/0/threadedsecalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/468670/100/0/threadedsecalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/23974secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018049secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.trustix.org/errata/2007/0017/secalert@redhat.com
Broken Link
http://www.ubuntu.com/usn/usn-460-1secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-460-2secalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1805secalert@redhat.com
Permissions Required
http://www.vupen.com/english/advisories/2007/2210secalert@redhat.com
Permissions Required
http://www.vupen.com/english/advisories/2007/2281secalert@redhat.com
Permissions Required
https://issues.rpath.com/browse/RPL-1366secalert@redhat.com
Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://osvdb.org/34698af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/25232af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25241af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25246af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25251af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25255af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25256af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25259af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25270af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25289af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25675af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25772af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200705-15.xmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://securityreason.com/securityalert/2701af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.debian.org/security/2007/dsa-1291af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.samba.org/samba/security/CVE-2007-2444.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/468548/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/468670/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/23974af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018049af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.trustix.org/errata/2007/0017/af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.ubuntu.com/usn/usn-460-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-460-2af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1805af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2007/2210af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2007/2281af854a3a-2127-422b-91ae-364da2661108
Permissions Required
https://issues.rpath.com/browse/RPL-1366af854a3a-2127-422b-91ae-364da2661108
Broken Link
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://osvdb.org/34698
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/25232
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25241
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25246
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25251
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25255
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25256
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25259
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25270
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25289
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25675
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25772
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200705-15.xml
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://securityreason.com/securityalert/2701
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://www.debian.org/security/2007/dsa-1291
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.samba.org/samba/security/CVE-2007-2444.html
Source: secalert@redhat.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/468548/100/0/threaded
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/archive/1/468670/100/0/threaded
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/23974
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1018049
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.trustix.org/errata/2007/0017/
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://www.ubuntu.com/usn/usn-460-1
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-460-2
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/1805
Source: secalert@redhat.com
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2007/2210
Source: secalert@redhat.com
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2007/2281
Source: secalert@redhat.com
Resource:
Permissions Required
Hyperlink: https://issues.rpath.com/browse/RPL-1366
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://osvdb.org/34698
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/25232
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25241
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25246
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25251
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25255
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25256
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25259
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25270
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25289
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25675
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25772
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200705-15.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://securityreason.com/securityalert/2701
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.debian.org/security/2007/dsa-1291
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.samba.org/samba/security/CVE-2007-2444.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/468548/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/archive/1/468670/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/23974
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1018049
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.trustix.org/errata/2007/0017/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.ubuntu.com/usn/usn-460-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-460-2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/1805
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2007/2210
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2007/2281
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: https://issues.rpath.com/browse/RPL-1366
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link

Change History

0
Information is not available yet

Similar CVEs

650Records found

CVE-2010-2960
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-0.51% / 39.53%
||
7 Day CHG~0.00%
Published-08 Sep, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSE
Product-suse_linux_enterprise_serversuse_linux_enterprise_desktopubuntu_linuxlinux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-26363
Matching Score-8
Assigner-Xen Project
ShareView Details
Matching Score-8
Assigner-Xen Project
CVSS Score-6.7||MEDIUM
EPSS-0.34% / 26.03%
||
7 Day CHG~0.00%
Published-09 Jun, 2022 | 12:50
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectXen Project
Product-xendebian_linuxfedoraxen
CVE-2010-2959
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.2||HIGH
EPSS-3.78% / 88.63%
||
7 Day CHG~0.00%
Published-08 Sep, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic.

Action-Not Available
Vendor-n/aopenSUSELinux Kernel Organization, IncSUSEDebian GNU/LinuxFedora Project
Product-debian_linuxlinux_enterprise_desktoplinux_enterprise_high_availability_extensionlinux_enterprise_serverlinux_enterprise_real_timefedoralinux_kernelopensusen/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2010-2798
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.41% / 33.23%
||
7 Day CHG~0.00%
Published-08 Sep, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSELinux Kernel Organization, IncAvaya LLCSUSEDebian GNU/LinuxVMware (Broadcom Inc.)
Product-debian_linuxubuntu_linuxiqaura_session_managervoice_portalesxsuse_linux_enterprise_serveraura_presence_serviceslinux_enterprise_high_availability_extensionaura_system_platformaura_system_managersuse_linux_enterprise_desktoplinux_kernelaura_communication_manageropensusen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-26364
Matching Score-8
Assigner-Xen Project
ShareView Details
Matching Score-8
Assigner-Xen Project
CVSS Score-6.7||MEDIUM
EPSS-0.49% / 38.79%
||
7 Day CHG~0.00%
Published-09 Jun, 2022 | 12:50
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectXen Project
Product-xendebian_linuxfedoraxen
CVE-2010-3080
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.42% / 33.43%
||
7 Day CHG~0.00%
Published-21 Sep, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSELinux Kernel Organization, IncSUSE
Product-ubuntu_linuxlinux_enterprise_desktoplinux_enterprise_real_time_extensionlinux_enterprise_serverlinux_kernelopensusen/a
CWE ID-CWE-415
Double Free
CVE-2022-28893
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.40% / 31.97%
||
7 Day CHG-0.00%
Published-11 Apr, 2022 | 04:15
Updated-03 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-h300eh500ssolidfire_\&_hci_management_nodeh300s_firmwareh410c_firmwareh410sh300shci_compute_nodeh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700esolidfire\,_enterprise_sds_\&_hci_storage_nodehci_compute_node_firmwareh700e_firmwareh410ch700sn/a
CWE ID-CWE-416
Use After Free
CVE-2017-18075
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.41% / 32.96%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 10:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2010-2478
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.42% / 33.71%
||
7 Day CHG~0.00%
Published-29 Sep, 2010 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value that triggers a buffer overflow, a different vulnerability than CVE-2010-3084.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSE
Product-linux_enterprise_serverubuntu_linuxlinux_enterprise_desktoplinux_kerneln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-15918
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.60% / 44.47%
||
7 Day CHG~0.00%
Published-04 Sep, 2019 | 18:09
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14835
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.63% / 45.65%
||
7 Day CHG~0.00%
Published-17 Sep, 2019 | 15:09
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

Action-Not Available
Vendor-Linux KernelHuawei Technologies Co., Ltd.Fedora ProjectopenSUSECanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuximanager_netecoopenshift_container_platformenterprise_linux_server_aush410c_firmwareh300s_firmwarevirtualization_hosth410sh610s_firmwareh300ssteelstore_cloud_integrated_storageh610sh300e_firmwareh500ehci_management_nodeenterprise_linux_workstationfedorah500s_firmwareh500e_firmwareenterprise_linux_eush700eaff_a700s_firmwareenterprise_linux_desktopleapdata_availability_servicesmanageoneh300evirtualizationh500sservice_processorenterprise_linuxaff_a700ssolidfiredebian_linuxlinux_kernelh410s_firmwareh700s_firmwareh410ch700e_firmwareenterprise_linux_server_tush700simanager_neteco_6000enterprise_linux_for_real_timeLinux kernel
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14816
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.91% / 55.60%
||
7 Day CHG~0.00%
Published-20 Sep, 2019 | 18:25
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

Action-Not Available
Vendor-NetApp, Inc.Fedora ProjectCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxa700s_firmwarea320_firmwareenterprise_linux_server_ausfas2720fas2720_firmwareh300s_firmwareh410sc190h610s_firmwareh300senterprise_linux_tussteelstore_cloud_integrated_storageh300e_firmwareh610sfas2750fas2750_firmwareh500ehci_management_nodefedorah500s_firmwareh500e_firmwareenterprise_linux_eusa700sa220h700sh700edata_availability_servicesleaph300ea800virtualizationh500sservice_processorenterprise_linuxenterprise_linux_for_real_time_for_nfventerprise_linux_for_real_time_tusa320enterprise_linux_compute_node_eussolidfirea800_firmwaredebian_linuxlinux_kernelh410s_firmwareh700s_firmwarec190_firmwarea220_firmwareenterprise_linux_for_power_big_endian_eusenterprise_linux_server_tush700e_firmwareenterprise_linux_for_real_time_for_nfv_tusenterprise_linux_for_real_timemessaging_realtime_gridkernel
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14868
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.4||HIGH
EPSS-1.39% / 68.88%
||
7 Day CHG~0.00%
Published-02 Apr, 2020 | 16:48
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.

Action-Not Available
Vendor-ksh_projectKornShellDebian GNU/LinuxApple Inc.
Product-debian_linuxmac_os_xkshksh
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2017-16927
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.41% / 32.74%
||
7 Day CHG~0.00%
Published-23 Nov, 2017 | 06:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input stream.

Action-Not Available
Vendor-neutrinolabsn/aDebian GNU/Linux
Product-debian_linuxxrdpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14814
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.87% / 54.35%
||
7 Day CHG~0.00%
Published-20 Sep, 2019 | 18:27
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

Action-Not Available
Vendor-openSUSECanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-ubuntu_linuxa700s_firmwarea320_firmwareenterprise_linux_server_ausfas2720fas2720_firmwareh300s_firmwareh410c_firmwareh410sc190h610s_firmwareh300ssteelstore_cloud_integrated_storageh300e_firmwareh610sfas2750fas2750_firmwareh500ehci_management_nodeh500s_firmwareh500e_firmwareenterprise_linux_eusa700sa220h700sh700edata_availability_servicesleaph300ea800h500sservice_processorenterprise_linuxenterprise_linux_for_real_time_for_nfventerprise_linux_for_real_time_tusa320solidfirea800_firmwaredebian_linuxlinux_kernelh410s_firmwareh700s_firmwarec190_firmwarea220_firmwareh410centerprise_linux_server_tush700e_firmwareenterprise_linux_for_real_time_for_nfv_tusenterprise_linux_for_real_timemessaging_realtime_gridkernel
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2009-3725
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.61% / 44.92%
||
7 Day CHG~0.00%
Published-06 Nov, 2009 | 15:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, Inc
Product-ubuntu_linuxlinux_kerneln/a
CVE-2022-23222
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.93% / 77.53%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 00:00
Updated-03 Aug, 2024 | 03:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Fedora ProjectDebian GNU/Linux
Product-h300eh500sh410c_firmwareh300s_firmwareh410sh300sh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700eh410ch700e_firmwareh700sn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2009-2692
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-14.75% / 96.27%
||
7 Day CHG~0.00%
Published-14 Aug, 2009 | 15:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncSUSERed Hat, Inc.Debian GNU/Linux
Product-debian_linuxenterprise_linux_serverenterprise_linux_workstationenterprise_linux_desktoplinux_enterprise_real_timeenterprise_linux_eusenterprise_linux_server_auslinux_kerneln/a
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2019-14821
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.76% / 50.86%
||
7 Day CHG~0.00%
Published-19 Sep, 2019 | 17:37
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.

Action-Not Available
Vendor-Red Hat, Inc.openSUSENetApp, Inc.Debian GNU/LinuxFedora ProjectCanonical Ltd.Linux Kernel Organization, IncOracle Corporation
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_server_ausvirtualization_hosth300s_firmwareh410c_firmwareh410sh610s_firmwareh300sh300e_firmwareh610sh500ehci_management_nodeenterprise_linux_workstationfedorah500s_firmwareh500e_firmwareenterprise_linux_eush700eaff_a700s_firmwareenterprise_linux_desktopleapdata_availability_servicesh300esd-wan_edgeh500senterprise_linuxaff_a700ssolidfiredebian_linuxlinux_kernelh410s_firmwareh700s_firmwareh410centerprise_linux_server_tush700e_firmwareh700senterprise_linux_for_real_timeKernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2009-0115
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.49% / 38.80%
||
7 Day CHG~0.00%
Published-30 Mar, 2009 | 16:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

Action-Not Available
Vendor-christophe.varoquin/aopenSUSEJuniper Networks, Inc.Avaya LLCNovellSUSEDebian GNU/LinuxFedora Project
Product-debian_linuxlinux_enterprise_desktopmessaging_storage_serverintuity_audix_lxopen_enterprise_serverlinux_enterprise_serverfedoractpviewmultipath-toolsmessage_networkingopensusen/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-23220
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.52% / 40.37%
||
7 Day CHG~0.00%
Published-21 Jan, 2022 | 00:00
Updated-03 Aug, 2024 | 03:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo.

Action-Not Available
Vendor-usbview_projectn/aCanonical Ltd.Debian GNU/LinuxGentoo Foundation, Inc.
Product-usbviewubuntu_linuxdebian_linuxlinuxn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-11487
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.71% / 48.96%
||
7 Day CHG~0.00%
Published-23 Apr, 2019 | 22:00
Updated-04 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-416
Use After Free
CVE-2019-13272
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-52.20% / 98.83%
||
7 Day CHG~0.00%
Published-17 Jul, 2019 | 12:32
Updated-06 Nov, 2025 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-10||Apply updates per vendor instructions.

In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.NetApp, Inc.Red Hat, Inc.Fedora ProjectLinux Kernel Organization, Inc
Product-h410centerprise_linuxenterprise_linux_for_real_time_for_nfventerprise_linux_for_ibm_z_systemsdebian_linuxe-series_performance_analyzerh410c_firmwarehci_compute_nodesteelstore_cloud_integrated_storagefedoraenterprise_linux_for_real_time_for_nfv_tusactive_iq_unified_managersolidfireenterprise_linux_for_arm_64aff_a700subuntu_linuxh610sservice_processorhci_management_nodeenterprise_linux_for_real_timeaff_a700s_firmwareh610s_firmwaree-series_santricity_os_controllerlinux_kernelenterprise_linux_for_real_time_tusn/aKernel
CVE-2008-4553
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.49% / 38.34%
||
7 Day CHG~0.00%
Published-15 Oct, 2008 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories.

Action-Not Available
Vendor-n/aDebian GNU/LinuxQEMU
Product-debian_linuxqemun/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2008-4539
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.54% / 41.29%
||
7 Day CHG~0.00%
Published-29 Dec, 2008 | 15:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.

Action-Not Available
Vendor-kvm_qumranetn/aCanonical Ltd.QEMUDebian GNU/Linux
Product-debian_linuxubuntu_linuxkvmqemun/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-2812
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 34.30%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSELinux Kernel Organization, IncAvaya LLCNovellSUSEDebian GNU/Linux
Product-debian_linuxubuntu_linuxsip_enablement_servicesproactive_contactsuse_linux_enterprise_serverlinux_desktopmessaging_storage_serverexpanded_meet-me_conferencingmeeting_exchangecommunication_managerintuity_audix_lxsuse_linux_enterprise_desktoplinux_kernelmessage_networkingopensusen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-8897
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-18.40% / 96.88%
||
7 Day CHG~0.00%
Published-08 May, 2018 | 18:00
Updated-05 Aug, 2024 | 07:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.

Action-Not Available
Vendor-n/aCanonical Ltd.Xen ProjectCitrix (Cloud Software Group, Inc.)Apple Inc.FreeBSD FoundationDebian GNU/LinuxSynology, Inc.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxfreebsddebian_linuxxenserverenterprise_linux_workstationmac_os_xenterprise_virtualization_managerskynasdiskstation_managerxenn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2008-0930
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.37% / 28.79%
||
7 Day CHG~0.00%
Published-04 Mar, 2008 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-freshmeatn/aDebian GNU/Linux
Product-xwinedebian_linuxn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2007-6601
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.57% / 72.42%
||
7 Day CHG~0.00%
Published-09 Jan, 2008 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectThe PostgreSQL Global Development Group
Product-postgresqldebian_linuxfedoran/a
CWE ID-CWE-287
Improper Authentication
CVE-2004-1051
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.37% / 68.68%
||
7 Day CHG~0.00%
Published-18 Nov, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

Action-Not Available
Vendor-todd_millertrustixn/aUbuntuDebian GNU/LinuxMandriva (Mandrakesoft)
Product-debian_linuxubuntu_linuxmandrake_linuxsudomandrake_multi_network_firewallsecure_linuxmandrake_linux_corporate_servern/a
CVE-2007-6211
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.89% / 54.93%
||
7 Day CHG~0.00%
Published-04 Dec, 2007 | 01:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to override a non-setuid default during installation.

Action-Not Available
Vendor-singn/aDebian GNU/Linux
Product-debian_linuxsingn/a
CVE-2007-5365
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-80.27% / 99.57%
||
7 Day CHG~0.00%
Published-11 Oct, 2007 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.

Action-Not Available
Vendor-n/aOpenBSDUbuntuSun Microsystems (Oracle Corporation)Red Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxopenbsdopensolarissolarislinux_advanced_workstationenterprise_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2001-0112
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.18% / 63.79%
||
7 Day CHG~0.00%
Published-14 Feb, 2001 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands.

Action-Not Available
Vendor-sam_lantingan/aDebian GNU/Linux
Product-debian_linuxsplitvtn/a
CVE-2007-5730
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.61% / 44.68%
||
7 Day CHG~0.00%
Published-30 Oct, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability.

Action-Not Available
Vendor-n/aXen ProjectQEMUDebian GNU/Linux
Product-debian_linuxxenqemun/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-15115
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.47% / 37.29%
||
7 Day CHG~0.00%
Published-15 Nov, 2017 | 21:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSEDebian GNU/Linux
Product-linux_enterprise_serverdebian_linuxubuntu_linuxlinux_kernelLinux kernel before 4.14-rc6
CWE ID-CWE-416
Use After Free
CVE-1999-0381
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.73% / 49.66%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CVE-2017-14177
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-0.40% / 31.69%
||
7 Day CHG~0.00%
Published-02 Feb, 2018 | 14:00
Updated-17 Sep, 2024 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.

Action-Not Available
Vendor-apport_projectn/aCanonical Ltd.
Product-apportubuntu_linuxApport
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2007-3912
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.35% / 26.57%
||
7 Day CHG~0.00%
Published-10 Sep, 2007 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-debian-goodiesn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-2838
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.35% / 26.57%
||
7 Day CHG~0.00%
Published-03 Jul, 2007 | 01:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.

Action-Not Available
Vendor-gsambadn/aDebian GNU/Linux
Product-debian_linuxgsambadn/a
CVE-2019-10161
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.52% / 40.10%
||
7 Day CHG~0.00%
Published-30 Jul, 2019 | 22:14
Updated-04 Aug, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs.

Action-Not Available
Vendor-LibvirtCanonical Ltd.Red Hat, Inc.
Product-ubuntu_linuxvirtualizationenterprise_linuxvirtualization_hostlibvirtlibvirt
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-1679
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.80% / 52.23%
||
7 Day CHG~0.00%
Published-16 May, 2022 | 00:00
Updated-03 Aug, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-h300eh500sh410c_firmwareh300s_firmwareh410sh300sh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700eh410ch700e_firmwareh700sKernel
CWE ID-CWE-416
Use After Free
CVE-2022-1652
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.54% / 41.29%
||
7 Day CHG~0.00%
Published-31 May, 2022 | 18:05
Updated-03 Aug, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinux_kernelh500sh410s_firmwareenterprise_linuxh410c_firmwareh300s_firmwareh500s_firmwareh700s_firmwareh410sh410ch300sh700skernel
CWE ID-CWE-416
Use After Free
CVE-2007-1321
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.46% / 36.97%
||
7 Day CHG~0.00%
Published-30 Oct, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730.

Action-Not Available
Vendor-n/aQEMUXen ProjectDebian GNU/LinuxFedora Project
Product-debian_linuxqemuxenfedorafedora_coren/a
CVE-2017-1000363
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.64% / 46.15%
||
7 Day CHG~0.00%
Published-13 Jul, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-9568
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.71% / 49.20%
||
7 Day CHG~0.00%
Published-06 Dec, 2018 | 14:00
Updated-05 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.

Action-Not Available
Vendor-Google LLCLinux Kernel Organization, IncCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxlinux_kernelenterprise_linux_server_eusandroidenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopAndroid
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-0211
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.8||HIGH
EPSS-65.00% / 99.15%
||
7 Day CHG~0.00%
Published-08 Apr, 2019 | 21:31
Updated-27 Oct, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.

Action-Not Available
Vendor-NetApp, Inc.Oracle CorporationRed Hat, Inc.The Apache Software FoundationopenSUSECanonical Ltd.Fedora ProjectDebian GNU/Linux
Product-enterprise_linux_for_ibm_z_systemsjboss_core_servicesenterprise_linuxinstantis_enterprisetrackenterprise_linux_eusretail_xstore_point_of_serviceubuntu_linuxenterprise_linux_for_power_little_endianenterprise_manager_ops_centeropenshift_container_platformenterprise_linux_for_arm_64_eushttp_serversoftware_collectionscommunications_session_report_managerdebian_linuxenterprise_linux_server_ausenterprise_linux_update_services_for_sap_solutionsenterprise_linux_for_power_little_endian_eusenterprise_linux_for_ibm_z_systems_eusenterprise_linux_server_tusfedoraenterprise_linux_for_arm_64openshift_container_platform_for_powerleapcommunications_session_route_manageroncommand_unified_managerApache HTTP ServerHTTP Server
CWE ID-CWE-416
Use After Free
CVE-2018-9518
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.26% / 17.21%
||
7 Day CHG~0.00%
Published-07 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-73083945.

Action-Not Available
Vendor-Canonical Ltd.Google LLC
Product-androidubuntu_linuxAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2007-1320
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.49% / 38.77%
||
7 Day CHG~0.00%
Published-02 May, 2007 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.

Action-Not Available
Vendor-n/aopenSUSEQEMUXen ProjectDebian GNU/LinuxFedora Project
Product-debian_linuxqemuxenfedorafedora_coreopensusen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-9516
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.41% / 33.34%
||
7 Day CHG+0.02%
Published-06 Nov, 2018 | 17:00
Updated-16 Sep, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.

Action-Not Available
Vendor-Canonical Ltd.Google LLCDebian GNU/Linux
Product-androiddebian_linuxubuntu_linuxAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-9363
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.46% / 36.42%
||
7 Day CHG+0.02%
Published-06 Nov, 2018 | 17:00
Updated-16 Sep, 2024 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLCDebian GNU/LinuxCanonical Ltd.
Product-androiddebian_linuxlinux_kernelubuntu_linuxAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 12
  • 13
  • Next
Details not found