Linux Kernel@5.0 Security Vulnerabilities and Issues — Linux Kernel@5.0 CVE List

Lucene search

LinuxLinux Kernel5.0

8 matches found

CVE•added 2019/12/31 2:15 a.m.•263 views

CVE-2019-19927

In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related to the vmwgfx or ttm ...

6CVSS6.6AI score0.00196EPSS

CVE•added 2019/02/22 3:29 p.m.•245 views

CVE-2019-9003

In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.

7.8CVSS7.3AI score0.07134EPSS

CVE•added 2019/02/22 3:29 p.m.•244 views

CVE-2018-20784

In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.

9.8CVSS9.2AI score0.00768EPSS

CVE•added 2019/02/18 6:29 p.m.•205 views

CVE-2019-8912

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

7.8CVSS7.5AI score0.00427EPSS

CVE•added 2020/04/24 12:15 a.m.•203 views

CVE-2019-15794

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On u...

7.2CVSS6.3AI score0.00496EPSS

CVE•added 2020/04/24 12:15 a.m.•100 views

CVE-2019-15793

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated in...

8.8CVSS7.2AI score0.00052EPSS

CVE•added 2020/04/24 12:15 a.m.•99 views

CVE-2019-15792

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file->private_data, a void* that points to a f...

7.8CVSS7.9AI score0.00335EPSS

CVE•added 2020/04/24 12:15 a.m.•96 views

CVE-2019-15791

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed,...

7.8CVSS7.2AI score0.00241EPSS