4 matches found
CVE-2020-12770
CVE-2020-12770 arises from the Linux kernel sg_write path in the SCSI generic (sg) driver not releasing internal resources in a specific error path because sg_remove_request is not called. This root cause is cited in multiple sources (e.g., ALAS2KERNEL-5.4-2022-012) and is described as a local-ac...
CVE-2020-12771
CVE-2020-12771 involves the Linux kernel component drivers/md/bcache/btree.c , where the function btree_gc_coalesce may deadlock if a coalescing operation fails. The connected Unity/Nessus entries reproduce: an issue in the kernel up to 5.6.11 with deadlock in the btree GC coalescing path, impact...
CVE-2020-36516
CVE-2020-36516 : Linux kernel (through 5.16.11) contains a flaw in the mixed IPID assignment method with a hash-based IPID policy that allows an off-path attacker to inject data into or terminate a victim’s TCP session. The issue affects the kernel’s TCP/IP handling and is documented in multiple ...
CVE-2019-20794
CVE-2019-20794 : The Linux kernel versions 4.18–5.6.11 are affected when unprivileged user namespaces are allowed. A user can create their own PID namespace and mount a FUSE filesystem; if the userspace component is terminated by killing PID 1, the interaction with the FUSE mount can hang the tas...