ReportizFlow
Filtered by vendor
Subscriptions
Total
356 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-20371 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| In dm_bow_dtr and related functions of dm-bow.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195565510References: Upstream kernel | ||||
| CVE-2022-20153 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222091980References: Upstream kernel | ||||
| CVE-2022-20141 | 2 Google, Redhat | 4 Android, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 7.0 High |
| In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel | ||||
| CVE-2022-20016 | 2 Google, Mediatek | 17 Android, Mt6781, Mt6785 and 14 more | 2024-11-21 | 6.7 Medium |
| In vow driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862986; Issue ID: ALPS05862986. | ||||
| CVE-2022-0897 | 2 Netapp, Redhat | 3 Ontap Select Deploy Administration Utility, Enterprise Linux, Libvirt | 2024-11-21 | 4.3 Medium |
| A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd). | ||||
| CVE-2021-4149 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem. | ||||
| CVE-2021-4147 | 3 Fedoraproject, Netapp, Redhat | 3 Fedora, Ontap Select Deploy Administration Utility, Libvirt | 2024-11-21 | 6.5 Medium |
| A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition. | ||||
| CVE-2021-43429 | 1 Seagate | 1 Cortx-s3 Server | 2024-11-21 | 7.5 High |
| A Denial of Service vulnerability exists in CORTX-S3 Server as of 11/7/2021 via the mempool_destroy method due to a failture to release locks pool->lock. | ||||
| CVE-2021-43395 | 5 Illumos, Joyent, Omniosce and 2 more | 5 Illumos, Smartos, Omnios and 2 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected. | ||||
| CVE-2021-41213 | 1 Google | 1 Tensorflow | 2024-11-21 | 5.5 Medium |
| TensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutually recursive. This occurs due to using a non-reentrant `Lock` Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive `tf.function`, although this is not a frequent scenario. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. | ||||
| CVE-2021-41141 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2024-11-21 | 5.9 Medium |
| PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without releasing the currently held locks. This could result in a system deadlock, which cause a denial of service for the users. No release has yet been made which contains the linked fix commit. All versions up to an including 2.11.1 are affected. Users may need to manually apply the patch. | ||||
| CVE-2021-3735 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 4.4 Medium |
| A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset (ahci_reset_port) while handling a host-to-device Register FIS (Frame Information Structure) packet from the guest. A privileged user inside the guest could use this flaw to hang the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3667 | 2 Netapp, Redhat | 4 Ontap Select Deploy Administration Utility, Advanced Virtualization, Enterprise Linux and 1 more | 2024-11-21 | 6.5 Medium |
| An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-39801 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In ion_ioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-209791720References: Upstream kernel | ||||
| CVE-2021-39656 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174049066References: Upstream kernel | ||||
| CVE-2021-39649 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174049006References: N/A | ||||
| CVE-2021-39647 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a possible reinitialization of TEE due to improper locking. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-198713939References: N/A | ||||
| CVE-2021-39640 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In __dwc3_gadget_ep0_queue of ep0.c, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157294279References: N/A | ||||
| CVE-2021-38203 | 2 Linux, Netapp | 7 Linux Kernel, Element Software, Hci Bootstrap Os and 4 more | 2024-11-21 | 5.5 Medium |
| btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info. | ||||
| CVE-2021-31786 | 1 Actions-semi | 10 Ats2815, Ats2815 Firmware, Ats2819 and 7 more | 2024-11-21 | 6.5 Medium |
| The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT host, allowing attackers to trigger a disconnection and deadlock of the device by connecting with a forged BDAddress that matches the original connected host. | ||||