Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2015-1805

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-08 Aug, 2015 | 10:00
Updated At-06 Aug, 2024 | 04:54
Rejected At-
Credits

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:08 Aug, 2015 | 10:00
Updated At:06 Aug, 2024 | 04:54
Rejected At:
▼CVE Numbering Authority (CNA)

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://rhn.redhat.com/errata/RHSA-2015-1211.html
vendor-advisory
x_refsource_REDHAT
http://www.debian.org/security/2015/dsa-3290
vendor-advisory
x_refsource_DEBIAN
http://www.securitytracker.com/id/1032454
vdb-entry
x_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/74951
vdb-entry
x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2015-1120.html
vendor-advisory
x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2967-1
vendor-advisory
x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
vendor-advisory
x_refsource_SUSE
http://source.android.com/security/bulletin/2016-05-01.html
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1202855
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
vendor-advisory
x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2680-1
vendor-advisory
x_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2015-1082.html
vendor-advisory
x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2679-1
vendor-advisory
x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
vendor-advisory
x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2967-2
vendor-advisory
x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html
vendor-advisory
x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2015-1138.html
vendor-advisory
x_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-1190.html
vendor-advisory
x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2015/06/06/2
mailing-list
x_refsource_MLIST
http://rhn.redhat.com/errata/RHSA-2015-1199.html
vendor-advisory
x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2681-1
vendor-advisory
x_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2015-1042.html
vendor-advisory
x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
vendor-advisory
x_refsource_SUSE
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
vendor-advisory
x_refsource_SUSE
http://source.android.com/security/bulletin/2016-04-02.html
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
vendor-advisory
x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2015-1137.html
vendor-advisory
x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
vendor-advisory
x_refsource_SUSE
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
vendor-advisory
x_refsource_SUSE
https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045
x_refsource_CONFIRM
https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-1081.html
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1211.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.debian.org/security/2015/dsa-3290
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securitytracker.com/id/1032454
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/74951
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1120.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.ubuntu.com/usn/USN-2967-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://source.android.com/security/bulletin/2016-05-01.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1202855
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.ubuntu.com/usn/USN-2680-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1082.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.ubuntu.com/usn/USN-2679-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.ubuntu.com/usn/USN-2967-2
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1138.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1190.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.openwall.com/lists/oss-security/2015/06/06/2
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1199.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.ubuntu.com/usn/USN-2681-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1042.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://source.android.com/security/bulletin/2016-04-02.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1137.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
Resource:
x_refsource_CONFIRM
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1081.html
Resource:
vendor-advisory
x_refsource_REDHAT
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://rhn.redhat.com/errata/RHSA-2015-1211.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.debian.org/security/2015/dsa-3290
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securitytracker.com/id/1032454
vdb-entry
x_refsource_SECTRACK
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/74951
vdb-entry
x_refsource_BID
x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1120.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.ubuntu.com/usn/USN-2967-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://source.android.com/security/bulletin/2016-05-01.html
x_refsource_CONFIRM
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1202855
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.ubuntu.com/usn/USN-2680-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1082.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.ubuntu.com/usn/USN-2679-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.ubuntu.com/usn/USN-2967-2
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1138.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
x_refsource_CONFIRM
x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1190.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.openwall.com/lists/oss-security/2015/06/06/2
mailing-list
x_refsource_MLIST
x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1199.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.ubuntu.com/usn/USN-2681-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1042.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://source.android.com/security/bulletin/2016-04-02.html
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1137.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045
x_refsource_CONFIRM
x_transferred
https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
x_refsource_CONFIRM
x_transferred
http://rhn.redhat.com/errata/RHSA-2015-1081.html
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1211.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.debian.org/security/2015/dsa-3290
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securitytracker.com/id/1032454
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/74951
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1120.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2967-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://source.android.com/security/bulletin/2016-05-01.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1202855
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2680-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1082.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2679-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2967-2
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1138.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1190.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2015/06/06/2
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1199.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2681-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1042.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://source.android.com/security/bulletin/2016-04-02.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1137.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1081.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:08 Aug, 2015 | 10:59
Updated At:12 Apr, 2025 | 10:46

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Google LLC
google
>>android>>4.4.3
cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*
Google LLC
google
>>android>>5.0.1
cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*
Google LLC
google
>>android>>5.1
cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*
Google LLC
google
>>android>>5.1.1
cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
Google LLC
google
>>android>>6.0
cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions up to 3.15.10(inclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-17Primarynvd@nist.gov
CWE ID: CWE-17
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1secalert@redhat.com
N/A
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045secalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-1042.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-1081.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-1082.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-1120.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-1137.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-1138.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-1190.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-1199.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-1211.htmlsecalert@redhat.com
N/A
http://source.android.com/security/bulletin/2016-04-02.htmlsecalert@redhat.com
N/A
http://source.android.com/security/bulletin/2016-05-01.htmlsecalert@redhat.com
N/A
http://www.debian.org/security/2015/dsa-3290secalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2015/06/06/2secalert@redhat.com
N/A
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/74951secalert@redhat.com
N/A
http://www.securitytracker.com/id/1032454secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-2679-1secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-2680-1secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-2681-1secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-2967-1secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-2967-2secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1202855secalert@redhat.com
N/A
https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1secalert@redhat.com
N/A
https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045secalert@redhat.com
N/A
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1af854a3a-2127-422b-91ae-364da2661108
N/A
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-1042.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-1081.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-1082.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-1120.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-1137.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-1138.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-1190.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-1199.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-1211.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://source.android.com/security/bulletin/2016-04-02.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://source.android.com/security/bulletin/2016-05-01.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2015/dsa-3290af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2015/06/06/2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/74951af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1032454af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2679-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2680-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2681-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2967-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2967-2af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1202855af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1042.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1081.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1082.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1120.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1137.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1138.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1190.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1199.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1211.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://source.android.com/security/bulletin/2016-04-02.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://source.android.com/security/bulletin/2016-05-01.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2015/dsa-3290
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2015/06/06/2
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/74951
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1032454
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2679-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2680-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2681-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2967-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2967-2
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1202855
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1042.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1081.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1082.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1120.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1137.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1138.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1190.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1199.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-1211.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://source.android.com/security/bulletin/2016-04-02.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://source.android.com/security/bulletin/2016-05-01.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2015/dsa-3290
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2015/06/06/2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/74951
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1032454
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2679-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2680-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2681-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2967-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2967-2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1202855
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

952Records found
CVE-2021-0625
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.54%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 13:17
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594996; Issue ID: ALPS05594996.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6762, MT6765, MT6768, MT6771, MT6779, MT6785, MT8183, MT8385, MT8768, MT8788
CWE ID-CWE-667
Improper Locking
CVE-2021-0455
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.63%
||
7 Day CHG~0.00%
Published-10 Mar, 2021 | 16:15
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175116439

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0402
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.94%
||
7 Day CHG~0.00%
Published-26 Feb, 2021 | 20:19
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05433311.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0327
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.51%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 16:50
Updated-03 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-172935267

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-0519
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.30%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 18:28
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-176533109

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0494
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.27%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 16:42
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183461318

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-0669
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.04%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:58
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05681550; Issue ID: ALPS05681550.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt9638mt9980mt6873mt6893mt6885mt9981mt9669mt9650mt6877mt8195mt6891mt6883mt6853mt9636mt6853tmt9970androidmt9652mt6875mt8797mt6889mt9686mt9639mt8791MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9686, MT9970, MT9980, MT9981
CWE ID-CWE-416
Use After Free
CVE-2021-0633
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.73%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 13:17
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05585423; Issue ID: ALPS05585423.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6893, MT8168, MT8175, MT8195, MT8321, MT8365, MT8765
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0799
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.33%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:05
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-197647956

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CVE-2021-0349
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.25%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 17:10
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS05362646.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-0491
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.37%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 16:42
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183461315

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-862
Missing Authorization
CVE-2021-0671
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.41%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:58
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05664273; Issue ID: ALPS05664273.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6853tmt6893mt6891androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6853mt6883MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0490
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.80%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 16:42
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183464868

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0652
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.64%
||
7 Day CHG~0.00%
Published-22 Oct, 2021 | 13:27
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185178568

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-0708
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.00%
||
7 Day CHG~0.00%
Published-22 Oct, 2021 | 13:26
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-183262161

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-610
Externally Controlled Reference to a Resource in Another Sphere
CVE-2021-0336
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.08%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 16:49
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-158219161

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-0308
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.8||MEDIUM
EPSS-0.06% / 19.45%
||
7 Day CHG~0.00%
Published-11 Jan, 2021 | 21:46
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/Linux
Product-androiddebian_linuxAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0577
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.67%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 13:46
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In flv extractor, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-187161771

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0310
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.93%
||
7 Day CHG~0.00%
Published-11 Jan, 2021 | 21:48
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In LazyServiceRegistrar of LazyServiceRegistrar.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Android ID: A-170212632.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2008-2931
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.49%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 18:00
Updated-07 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxNovellopenSUSECanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelopensusesuse_linux_enterprise_serversuse_linux_enterprise_desktopn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2015-8019
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.13%
||
7 Day CHG~0.00%
Published-02 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1035
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.46%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-12Android ID: A-195668284

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-610
Externally Controlled Reference to a Resource in Another Sphere
CVE-2018-13889
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.20%
||
7 Day CHG~0.00%
Published-11 Feb, 2019 | 15:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Heap memory was accessed after it was freed

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-11965
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.69%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Anyone can execute proptrigger.sh which will lead to change in properties.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-16276
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.08%
||
7 Day CHG~0.00%
Published-31 Aug, 2018 | 16:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2008-1675
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.22%
||
7 Day CHG~0.00%
Published-02 May, 2008 | 16:00
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-399
Not Available
CVE-2020-5025
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.31% / 53.32%
||
7 Day CHG~0.00%
Published-11 Mar, 2021 | 15:30
Updated-16 Sep, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 193661.

Action-Not Available
Vendor-IBM CorporationNetApp, Inc.Linux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kerneloncommand_insightDB2 for Linux, UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-4701
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 22.06%
||
7 Day CHG~0.00%
Published-19 Nov, 2020 | 15:15
Updated-16 Sep, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux, UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-12931
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.60%
||
7 Day CHG~0.00%
Published-28 Jun, 2018 | 14:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2006-0096
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.14%
||
7 Day CHG~0.00%
Published-06 Jan, 2006 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to exploit, since it is protected by CAP_NET_ADMIN; thus it might not be a vulnerability, although capabilities provide finer distinctions between privilege levels.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-11962
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.16%
||
7 Day CHG~0.00%
Published-11 Feb, 2019 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Use-after-free issue in heap while loading audio effects config in audio effects factory.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-16882
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.11% / 30.11%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 16:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.

Action-Not Available
Vendor-Linux Kernel Organization, IncThe Linux FoundationCanonical Ltd.
Product-ubuntu_linuxlinux_kernelkernel:
CWE ID-CWE-416
Use After Free
CVE-2020-4363
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 22.06%
||
7 Day CHG~0.00%
Published-01 Jul, 2020 | 14:25
Updated-17 Sep, 2024 | 02:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 178960.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux- UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-36387
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.79%
||
7 Day CHG~0.00%
Published-07 Jun, 2021 | 19:19
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-h300eh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwarelinux_kernelh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700eh410ch700e_firmwareh700sn/a
CWE ID-CWE-416
Use After Free
CVE-2008-0007
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.11% / 29.55%
||
7 Day CHG~0.00%
Published-08 Feb, 2008 | 01:00
Updated-07 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-399
Not Available
CVE-2018-11964
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.69%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-11961
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.20%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possibility of accessing out of bound vector index When updating some GNSS configurations.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2004-1144
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.68%
||
7 Day CHG~0.00%
Published-31 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2020-4204
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.11% / 30.15%
||
7 Day CHG~0.00%
Published-19 Feb, 2020 | 15:15
Updated-16 Sep, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 174960.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-aixdb2windowslinux_kernelDB2 for Linux- UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-11963
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.20%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Buffer overread may occur due to non-null terminated strings while processing vsprintf in camera jpeg driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2015-6306
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-3.55% / 87.24%
||
7 Day CHG~0.00%
Published-25 Sep, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.

Action-Not Available
Vendor-n/aApple Inc.Cisco Systems, Inc.Linux Kernel Organization, Inc
Product-linux_kernelmac_os_xanyconnect_secure_mobility_clientn/a
CVE-2020-35499
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 31.71%
||
7 Day CHG~0.00%
Published-19 Feb, 2021 | 19:49
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelkernel
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-35512
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.55%
||
7 Day CHG~0.00%
Published-15 Feb, 2021 | 16:08
Updated-19 Nov, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors

Action-Not Available
Vendor-n/afreedesktop.orgLinux Kernel Organization, Inc
Product-dbuslinux_kerneldbus-1.12.x stable branchdbus-1.10.x and older branches (EOL)D-Bus Development branch
CWE ID-CWE-416
Use After Free
CVE-2020-36158
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.46% / 63.40%
||
7 Day CHG-0.16%
Published-05 Jan, 2021 | 04:25
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Fedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelcloud_backupfedorasolidfire_baseboard_management_controller_firmwaresolidfire_baseboard_management_controllern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2008-0600
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.45% / 62.64%
||
7 Day CHG~0.00%
Published-12 Feb, 2008 | 20:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-29534
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.09%
||
7 Day CHG~0.00%
Published-03 Dec, 2020 | 20:00
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-11995
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.45%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper termination in the META image.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11262
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-04 Sep, 2018 | 16:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-682
Incorrect Calculation
CVE-2018-11911
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.69%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of script may lead to unprivileged access.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-11506
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 25.09%
||
7 Day CHG~0.00%
Published-28 May, 2018 | 04:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 19
  • 20
  • Next
Details not found