Filtered by vendor Linux
Subscriptions
Filtered by product Linux Kernel
Subscriptions
Total
12850 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6546 | 3 Fedoraproject, Linux, Redhat | 9 Fedora, Linux Kernel, Enterprise Linux and 6 more | 2025-07-25 | 7 High |
| A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system. | ||||
| CVE-2023-33855 | 2 Ibm, Linux | 4 Aix, Common Cryptographic Architecture, I and 1 more | 2025-07-25 | 3.7 Low |
| Under certain conditions, RSA operations performed by IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 may exhibit non-constant-time behavior. This could allow a remote attacker to obtain sensitive information using a timing-based attack. IBM X-Force ID: 257676. | ||||
| CVE-2024-47107 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2025-07-25 | 6.4 Medium |
| IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2023-47150 | 2 Ibm, Linux | 4 Aix, Common Cryptographic Architecture, I and 1 more | 2025-07-25 | 7.5 High |
| IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to cause a denial of service due to incorrect data handling for certain types of AES operations. IBM X-Force ID: 270602. | ||||
| CVE-2024-27269 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2025-07-25 | 6.8 Medium |
| IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575. | ||||
| CVE-2024-31892 | 2 Ibm, Linux | 3 Spectrum Scale Container Native Storage Access, Storage Scale, Linux Kernel | 2025-07-25 | 7.5 High |
| IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 could allow a user to perform unauthorized actions after intercepting and modifying a csv file due to improper neutralization of formula elements. | ||||
| CVE-2024-31891 | 2 Ibm, Linux | 3 Spectrum Scale Container Native Storage Access, Storage Scale, Linux Kernel | 2025-07-25 | 7.8 High |
| IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability. A malicious actor with command line access to the 'scalemgmt' user can elevate privileges to gain root access to the host operating system. | ||||
| CVE-2024-38337 | 3 Ibm, Linux, Microsoft | 5 Aix, Linux On Ibm Z, Sterling Secure Proxy and 2 more | 2025-07-25 | 9.1 Critical |
| IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an unauthorized attacker to retrieve or alter sensitive information contents due to incorrect permission assignments. | ||||
| CVE-2024-41783 | 3 Ibm, Linux, Microsoft | 5 Aix, Linux On Ibm Z, Sterling Secure Proxy and 2 more | 2025-07-25 | 9.1 Critical |
| IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a privileged user to inject commands into the underlying operating system due to improper validation of a specified type of input. | ||||
| CVE-2023-6622 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2025-07-25 | 5.5 Medium |
| A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service. | ||||
| CVE-2023-4387 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-07-25 | 7.1 High |
| A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. | ||||
| CVE-2024-28786 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2025-07-25 | 6.5 Medium |
| IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques. | ||||
| CVE-2025-37984 | 1 Linux | 1 Linux Kernel | 2025-07-25 | 2.5 Low |
| In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() Herbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa implementation's ->key_size() callback returns an unusually large value. Herbert instead suggests (for a division by 8): X / 8 + !!(X & 7) Based on this formula, introduce a generic DIV_ROUND_UP_POW2() macro and use it in lieu of DIV_ROUND_UP() for ->key_size() return values. Additionally, use the macro in ecc_digits_from_bytes(), whose "nbytes" parameter is a ->key_size() return value in some instances, or a user-specified ASN.1 length in the case of ecdsa_get_signature_rs(). | ||||
| CVE-2021-3347 | 4 Debian, Fedoraproject, Linux and 1 more | 10 Debian Linux, Fedora, Linux Kernel and 7 more | 2025-07-24 | 7.8 High |
| An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458. | ||||
| CVE-2020-14381 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-07-24 | 7.8 High |
| A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | ||||
| CVE-2023-4194 | 4 Debian, Fedoraproject, Linux and 1 more | 5 Debian Linux, Fedora, Linux Kernel and 2 more | 2025-07-23 | 5.5 Medium |
| A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid"), - 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that turns out to not be accurate. | ||||
| CVE-2023-39194 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2025-07-23 | 3.2 Low |
| A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure. | ||||
| CVE-2023-6176 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-07-23 | 4.7 Medium |
| A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system. | ||||
| CVE-2022-40752 | 3 Ibm, Linux, Microsoft | 5 Aix, Infosphere Information Server, Infosphere Information Server On Cloud and 2 more | 2025-07-23 | 9.8 Critical |
| IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID: 236687. | ||||
| CVE-2021-39077 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2025-07-23 | 4.4 Medium |
| IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587. | ||||