Lucene search

K

291 matches found

CVE
CVE
added 2019/05/28 3:29 a.m.194 views

CVE-2019-12379

An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue

5.5CVSS6.6AI score0.00082EPSS
CVE
CVE
added 2019/05/28 3:29 a.m.190 views

CVE-2019-12378

An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue

5.5CVSS6.6AI score0.00095EPSS
CVE
CVE
added 2019/06/26 6:15 p.m.190 views

CVE-2019-12984

A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service.

5.5CVSS6.4AI score0.00569EPSS
CVE
CVE
added 2019/12/03 4:15 p.m.186 views

CVE-2019-19536

In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.

4.6CVSS6AI score0.0008EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.185 views

CVE-2019-19061

A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.

7.8CVSS6.7AI score0.00932EPSS
CVE
CVE
added 2019/11/22 2:15 p.m.183 views

CVE-2019-19227

In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122...

5.5CVSS6.4AI score0.00051EPSS
CVE
CVE
added 2019/12/11 3:15 p.m.181 views

CVE-2019-14899

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknow...

7.4CVSS7.3AI score0.00055EPSS
CVE
CVE
added 2019/12/03 4:15 p.m.180 views

CVE-2019-19535

In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042.

4.6CVSS6AI score0.00033EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.179 views

CVE-2019-18811

A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1.

5.5CVSS6.3AI score0.00125EPSS
CVE
CVE
added 2019/12/05 2:15 p.m.178 views

CVE-2019-19602

fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonst...

6.1CVSS6.7AI score0.00038EPSS
CVE
CVE
added 2019/11/28 12:15 a.m.174 views

CVE-2019-19318

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

4.4CVSS6AI score0.0036EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.172 views

CVE-2019-19055

A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of...

5.5CVSS6.5AI score0.00097EPSS
CVE
CVE
added 2019/01/29 4:29 p.m.169 views

CVE-2018-16880

A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of...

7CVSS7.5AI score0.00075EPSS
CVE
CVE
added 2019/10/01 2:15 p.m.169 views

CVE-2019-17056

llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

3.3CVSS6.2AI score0.00071EPSS
CVE
CVE
added 2019/11/21 2:15 a.m.169 views

CVE-2019-19039

__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues a...

5.5CVSS5.6AI score0.00487EPSS
CVE
CVE
added 2019/11/21 3:15 a.m.168 views

CVE-2019-19037

ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.

5.5CVSS6.6AI score0.01076EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.167 views

CVE-2019-19047

A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5.

5.5CVSS6.3AI score0.00081EPSS
CVE
CVE
added 2019/12/17 6:15 a.m.167 views

CVE-2019-19813

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_m...

7.1CVSS5.7AI score0.01528EPSS
CVE
CVE
added 2019/11/29 4:15 p.m.166 views

CVE-2019-19377

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.

7.8CVSS7.1AI score0.00386EPSS
CVE
CVE
added 2019/01/31 9:29 a.m.165 views

CVE-2017-18360

In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.

5.5CVSS5.5AI score0.00082EPSS
CVE
CVE
added 2019/06/03 10:29 p.m.163 views

CVE-2019-12615

An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).

7.8CVSS7AI score0.02025EPSS
CVE
CVE
added 2019/12/03 4:15 p.m.163 views

CVE-2019-19531

In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.

6.8CVSS7.3AI score0.00098EPSS
CVE
CVE
added 2019/12/03 4:15 p.m.161 views

CVE-2019-19525

In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.

4.9CVSS6AI score0.00055EPSS
CVE
CVE
added 2019/11/14 2:15 p.m.160 views

CVE-2019-18885

fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15.

5.5CVSS5.6AI score0.02508EPSS
CVE
CVE
added 2019/08/07 10:15 p.m.157 views

CVE-2019-14763

In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.

5.5CVSS6.6AI score0.0007EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.153 views

CVE-2019-19048

A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864.

7.8CVSS7.6AI score0.00734EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.152 views

CVE-2019-19071

A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c.

7.8CVSS7.5AI score0.0095EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.150 views

CVE-2019-19050

A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.

7.8CVSS7.5AI score0.00909EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.150 views

CVE-2019-19076

A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream ...

7.1CVSS5.3AI score0.01964EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.145 views

CVE-2019-19043

A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459.

5.5CVSS6.3AI score0.00131EPSS
CVE
CVE
added 2019/09/04 7:15 p.m.143 views

CVE-2019-15922

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.

5.5CVSS6.5AI score0.00091EPSS
CVE
CVE
added 2019/02/01 4:29 p.m.142 views

CVE-2016-10741

In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure.

4.7CVSS5.1AI score0.0007EPSS
CVE
CVE
added 2019/09/04 7:15 p.m.141 views

CVE-2019-15923

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.

5.5CVSS6.5AI score0.00046EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.140 views

CVE-2019-19079

A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19.

7.8CVSS6.8AI score0.0122EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.137 views

CVE-2019-19070

A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this b...

7.8CVSS7.6AI score0.00678EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.135 views

CVE-2019-15223

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.

4.9CVSS5.9AI score0.00066EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.135 views

CVE-2019-19064

A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this ...

7.8CVSS7.6AI score0.00515EPSS
CVE
CVE
added 2019/01/03 4:29 p.m.130 views

CVE-2018-16885

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory ad...

5.5CVSS6.1AI score0.00044EPSS
CVE
CVE
added 2019/10/01 2:15 p.m.125 views

CVE-2019-17052

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.

3.3CVSS6AI score0.00082EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.125 views

CVE-2019-19053

A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.

7.8CVSS7.5AI score0.00422EPSS
CVE
CVE
added 2019/12/17 8:15 p.m.123 views

CVE-2019-19241

In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/io_uring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to ...

7.8CVSS7.2AI score0.00935EPSS
CVE
CVE
added 2019/04/09 4:29 p.m.123 views

CVE-2019-3887

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash...

6.7CVSS6AI score0.00011EPSS
CVE
CVE
added 2019/12/17 6:15 a.m.122 views

CVE-2019-19814

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.

9.3CVSS7.3AI score0.00877EPSS
CVE
CVE
added 2019/04/01 7:29 p.m.122 views

CVE-2019-8956

In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.

7.8CVSS7.4AI score0.01164EPSS
CVE
CVE
added 2019/11/06 8:15 p.m.120 views

CVE-2014-3180

In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable

9.1CVSS8.5AI score0.00175EPSS
CVE
CVE
added 2019/07/30 5:15 p.m.120 views

CVE-2019-10142

A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system,...

7.8CVSS6AI score0.00054EPSS
CVE
CVE
added 2019/10/01 2:15 p.m.119 views

CVE-2019-17054

atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.

3.3CVSS6AI score0.00072EPSS
CVE
CVE
added 2019/09/23 12:15 p.m.118 views

CVE-2019-16714

In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.

7.5CVSS7.7AI score0.00914EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.118 views

CVE-2019-18806

A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f.

5.5CVSS6.1AI score0.00119EPSS
CVE
CVE
added 2019/12/17 7:15 a.m.117 views

CVE-2019-19815

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.

7.1CVSS5.5AI score0.00972EPSS
Total number of security vulnerabilities291