kernel

Top products

The 15 most recently published vulnerabilities affecting kernel.

• CVE-2026-27456util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup4.7Apr 3, 2026
• CVE-2026-3184Util-linux: util-linux: access control bypass due to improper hostname canonicalization3.7Apr 3, 2026
• CVE-2024-28085wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received fro...3.3Mar 27, 2024
• CVE-2020-21583An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.6.7Aug 22, 2023
• CVE-2021-3996A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to ...5.5Aug 23, 2022
• CVE-2021-3995A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmou...5.5Aug 23, 2022
• CVE-2022-0563A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file....5.5Feb 21, 2022
• CVE-2021-37600An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/...5.5Jul 28, 2021
• CVE-2020-10751A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorr...6.1May 26, 2020
• CVE-2018-17953pam_access does not handle netmask matches correctly7.5Nov 27, 2018
• CVE-2018-10840Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by operating on a mounted crafted ext4 image.6.6Jul 16, 2018
• CVE-2016-9604It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it a...4.4Jul 11, 2018
• CVE-2018-1108kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for ...5.9May 21, 2018
• CVE-2018-1087kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions...8.0May 15, 2018
• CVE-2018-1118Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This ...2.3May 10, 2018