Kernel Linux Kernel

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Linux Kernel.

Known Exploited Linux Kernel Vulnerabilities

The following Linux Kernel vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Linux Kernel PIE Stack Buffer Corruption Vulnerability Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges. CVE-2017-1000253 September 9, 2024
Linux Kernel Heap-Based Buffer Overflow Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges. CVE-2022-0185 August 21, 2024
Linux Kernel Use-After-Free Vulnerability Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges. CVE-2022-2586 June 26, 2024
Linux Kernel Use-After-Free Vulnerability Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation. CVE-2024-1086 May 30, 2024
Linux Kernel Race Condition Vulnerability Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service or gain privileges via read and write operations with long strings. CVE-2014-0196 May 12, 2023
Linux Kernel Improper Input Validation Vulnerability Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls. CVE-2010-3904 May 12, 2023
Linux Kernel Use-After-Free Vulnerability Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user. CVE-2023-0266 March 30, 2023
Linux Kernel Privilege Escalation Vulnerability The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation. CVE-2021-3493 October 20, 2022
Linux Kernel Improper Input Validation Vulnerability The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation. CVE-2013-6282 September 15, 2022
Linux Kernel Integer Overflow Vulnerability Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability which allows for privilege escalation. CVE-2013-2596 September 15, 2022
Linux Kernel Privilege Escalation Vulnerability Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation. CVE-2013-2094 September 15, 2022
Linux Kernel Privilege Escalation Vulnerability The futex_requeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges. CVE-2014-3153 May 25, 2022
Linux Kernel Privilege Escalation Vulnerability Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of "Dirty Pipe." CVE-2022-0847 April 25, 2022
Linux Kernel Privilege Escalation Vulnerability Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service or possibly for privilege escalation. CVE-2021-22600 April 11, 2022
Linux Kernel Race Condition Vulnerability Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges. CVE-2016-5195 March 3, 2022
Linux Kernel Improper Privilege Management Vulnerability Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability which allows local users to obtain root access. CVE-2019-13272 December 10, 2021

By the Year

In 2024 there have been 0 vulnerabilities in Linux Kernel . Kernel did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Kernel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Linux Kernel Security Vulnerabilities

The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which

CVE-2010-0309 - February 12, 2010

The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file.

Configuration

The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which

CVE-2009-3624 - November 02, 2009

The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands.

Cryptographic Issues

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring

CVE-2009-2406 - July 31, 2009

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.

Buffer Overflow

Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30

CVE-2009-1389 - June 16, 2009

Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.

Buffer Overflow

Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5

CVE-2009-1385 - June 04, 2009

Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.

Numeric Errors

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Linux Kernel or by Linux? Click the Watch button to subscribe.

Linux
Vendor

Linux Kernel
Product

subscribe