Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alsa vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-17450
net/netfilter/xt_osf.c in the Linux kernel up to and including 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared...
Linux Linux Kernel
5.5
CVSSv3
CVE-2018-7492
A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel prior to 4.14.7 allowing local malicious users to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.
Linux Linux Kernel
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2017-18241
fs/f2fs/segment.c in the Linux kernel prior to 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2019-9213
In the Linux kernel prior to 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for malicious users to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
Linux Linux Kernel
Debian Debian Linux 8.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Opensuse Leap 42.3
Opensuse Leap 15.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
1 EDB exploit
3 Github repositories
6.5
CVSSv3
CVE-2018-1066
The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP se...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
5.5
CVSSv3
CVE-2017-18216
In fs/ocfs2/cluster/nodemanager.c in the Linux kernel prior to 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.
Linux Linux Kernel
7.8
CVSSv3
CVE-2018-8781
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, ...
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
NA
CVE-2004-0887
SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges.
Linux Linux Kernel 2.6.0
Linux Linux Kernel 2.6.4
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.8
Linux Linux Kernel 2.6.9
Linux Linux Kernel 2.6.1
Linux Linux Kernel 2.6.6
Linux Linux Kernel 2.6.10
Linux Linux Kernel 2.6.7
Suse Suse Linux 9.0
Linux Linux Kernel 2.6.2
Linux Linux Kernel 2.6.3
7.8
CVSSv3
CVE-2018-8822
Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel up to and including 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc up to and including 4.16-rc6, could be exploited by malicious NCP...
Linux Linux Kernel 4.16
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2016-4569
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel up to and including 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »