Lucene search

K

291 matches found

CVE
CVE
added 2019/11/18 6:15 a.m.113 views

CVE-2019-19044

Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.

7.8CVSS7AI score0.00647EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.110 views

CVE-2019-19069

A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.

7.8CVSS6.8AI score0.00932EPSS
CVE
CVE
added 2019/03/27 6:29 a.m.109 views

CVE-2019-10125

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

10CVSS8.9AI score0.04265EPSS
CVE
CVE
added 2019/05/02 5:29 p.m.109 views

CVE-2019-11683

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, a...

10CVSS9.3AI score0.21748EPSS
CVE
CVE
added 2019/06/18 11:15 p.m.105 views

CVE-2019-12881

i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact via crafted ioctl calls to /dev/dri/card0.

7.8CVSS7.7AI score0.00566EPSS
CVE
CVE
added 2019/09/11 4:15 p.m.105 views

CVE-2019-16229

drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id

4.7CVSS4.7AI score0.00012EPSS
CVE
CVE
added 2019/11/25 6:15 p.m.101 views

CVE-2019-19252

vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.

7.8CVSS7.2AI score0.00144EPSS
CVE
CVE
added 2019/04/23 3:29 a.m.99 views

CVE-2013-7470

cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different vulnerability than CVE-2013-0310.

7.1CVSS5.3AI score0.01266EPSS
CVE
CVE
added 2019/11/25 2:15 p.m.97 views

CVE-2019-18675

The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users (with /dev/video0 access) to obtain read and write permissions on kernel physical pages, whic...

7.8CVSS7.8AI score0.0013EPSS
CVE
CVE
added 2019/11/14 7:15 p.m.93 views

CVE-2019-0145

Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.

7.8CVSS8AI score0.00048EPSS
CVE
CVE
added 2019/07/27 10:15 p.m.92 views

CVE-2011-5327

In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.

9.8CVSS8.9AI score0.00624EPSS
CVE
CVE
added 2019/07/27 10:15 p.m.92 views

CVE-2017-18379

In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.

9.8CVSS8.9AI score0.00798EPSS
CVE
CVE
added 2019/11/06 3:15 a.m.91 views

CVE-2019-18786

In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.

5.5CVSS5.7AI score0.00115EPSS
CVE
CVE
added 2019/07/27 10:15 p.m.90 views

CVE-2010-5331

In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard coded and are not user...

7.8CVSS7.3AI score0.00077EPSS
CVE
CVE
added 2019/07/27 10:15 p.m.86 views

CVE-2010-5332

In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of a...

5.6CVSS5.3AI score0.00105EPSS
CVE
CVE
added 2019/08/23 6:15 a.m.84 views

CVE-2019-15504

drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).

10CVSS8.8AI score0.03484EPSS
CVE
CVE
added 2019/07/27 10:15 p.m.83 views

CVE-2012-6712

In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

9.8CVSS9.3AI score0.00784EPSS
CVE
CVE
added 2019/09/11 4:15 p.m.82 views

CVE-2019-16230

drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer states that the work queue allocation is happening during device initialization, which for a graphics ca...

4.7CVSS6AI score0.00173EPSS
CVE
CVE
added 2019/09/27 1:15 p.m.82 views

CVE-2019-16921

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.

7.5CVSS6.9AI score0.00272EPSS
CVE
CVE
added 2019/03/21 4:1 p.m.78 views

CVE-2019-9857

In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.

5.5CVSS6AI score0.00073EPSS
CVE
CVE
added 2019/08/19 2:15 a.m.76 views

CVE-2017-18550

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure.

5.5CVSS5.9AI score0.00428EPSS
CVE
CVE
added 2019/07/27 10:15 p.m.75 views

CVE-2007-6762

In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.

9.8CVSS9.2AI score0.008EPSS
CVE
CVE
added 2019/08/19 2:15 a.m.75 views

CVE-2017-18549

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_send_raw_srb does not initialize the reply structure.

5.5CVSS5.3AI score0.00254EPSS
CVE
CVE
added 2019/04/04 4:29 p.m.75 views

CVE-2018-20449

The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.

5.5CVSS4.9AI score0.00071EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.75 views

CVE-2019-18813

A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.

7.8CVSS7.5AI score0.01243EPSS
CVE
CVE
added 2019/12/26 7:15 p.m.74 views

CVE-2011-1474

A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop con...

5.5CVSS5.4AI score0.00145EPSS
CVE
CVE
added 2019/11/04 3:15 p.m.71 views

CVE-2019-18680

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0.

7.8CVSS7.8AI score0.01696EPSS
CVE
CVE
added 2019/07/27 10:15 p.m.69 views

CVE-2016-10764

In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.

9.8CVSS9.1AI score0.00815EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.68 views

CVE-2019-18810

A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d.

7.8CVSS7.7AI score0.0122EPSS
CVE
CVE
added 2019/08/19 2:15 a.m.66 views

CVE-2017-18552

An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.

7.8CVSS7.4AI score0.00128EPSS
CVE
CVE
added 2019/04/30 6:29 p.m.66 views

CVE-2018-20510

The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.

5.5CVSS5.6AI score0.00056EPSS
CVE
CVE
added 2019/05/07 2:29 p.m.66 views

CVE-2019-11811

An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.

7CVSS6.6AI score0.00049EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.64 views

CVE-2019-18807

Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-...

7.5CVSS7.1AI score0.01186EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.63 views

CVE-2019-18812

A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.

7.8CVSS7.5AI score0.00554EPSS
CVE
CVE
added 2019/08/19 2:15 a.m.59 views

CVE-2016-10907

An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755_parse_dt.

7.8CVSS7.4AI score0.00089EPSS
CVE
CVE
added 2019/04/11 3:29 p.m.57 views

CVE-2019-3837

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the mem...

6.1CVSS6.3AI score0.00093EPSS
CVE
CVE
added 2019/04/30 6:29 p.m.56 views

CVE-2018-20509

The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.

5.5CVSS4.9AI score0.00057EPSS
CVE
CVE
added 2019/11/29 5:15 p.m.56 views

CVE-2019-19378

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.

7.8CVSS7.2AI score0.00839EPSS
CVE
CVE
added 2019/11/07 10:15 p.m.47 views

CVE-2007-3732

In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling interrupts, so that "current" references work. Without this, "current...

5.5CVSS5.3AI score0.00164EPSS
CVE
CVE
added 2019/11/07 5:15 p.m.47 views

CVE-2010-2243

A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.

7.8CVSS7.3AI score0.00788EPSS
CVE
CVE
added 2019/06/14 2:29 a.m.44 views

CVE-2019-12818

An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llc...

7.5CVSS7.7AI score0.05643EPSS
Total number of security vulnerabilities291