Lucene search

H610S Firmware Security Vulnerabilities - 2020

cve

CVE-2019-18282

The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used. The hashr...

5.3CVSS

6AI Score

0.002EPSS

2020-01-16 04:15 PM

296

cve

CVE-2020-10690

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying devi...

6.5CVSS

6.5AI Score

0.0004EPSS

2020-05-08 03:15 PM

344

cve

CVE-2020-11884

In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.

7CVSS

6.6AI Score

0.0004EPSS

2020-04-29 01:15 PM

221

cve

CVE-2020-12653

An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.

7.8CVSS

7.5AI Score

0.0004EPSS

2020-05-05 06:15 AM

358

cve

CVE-2020-12769

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

5.5CVSS

5.7AI Score

0.0004EPSS

2020-05-09 09:15 PM

355

cve

CVE-2020-12770

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.

6.7CVSS

6.7AI Score

0.0005EPSS

2020-05-09 09:15 PM

418

cve

CVE-2020-12771

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

5.5CVSS

5.9AI Score

0.001EPSS

2020-05-09 09:15 PM

281

cve

CVE-2020-12888

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

5.3CVSS

6AI Score

0.0005EPSS

2020-05-15 06:15 PM

523

cve

CVE-2020-13143

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

6.5CVSS

6.5AI Score

0.007EPSS

2020-05-18 06:15 PM

346

cve

CVE-2020-15436

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.

6.7CVSS

6.9AI Score

0.0004EPSS

2020-11-23 09:15 PM

230

cve

CVE-2020-8832

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could u...

5.5CVSS

6AI Score

0.001EPSS

2020-04-10 12:15 AM

187

cve

CVE-2020-8835

In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the int...

7.8CVSS

7.1AI Score

0.001EPSS

2020-04-02 06:15 PM

194