Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

8 matches found

CVE•added 2020/01/14 9:15 p.m.•438 views

CVE-2020-7053

In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gp...

7.8CVSS7.2AI score0.00019EPSS

CVE•added 2020/01/31 8:15 p.m.•399 views

CVE-2019-3016

In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD proces...

6.2CVSS5.3AI score0.00053EPSS

CVE•added 2020/01/16 4:15 p.m.•361 views

CVE-2019-18282

The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used. The hashr...

5.3CVSS6AI score0.00406EPSS

CVE•added 2020/01/29 12:15 a.m.•342 views

CVE-2020-8428

fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket,...

7.1CVSS6.9AI score0.00102EPSS

CVE•added 2020/01/16 9:15 p.m.•292 views

CVE-2019-9500

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results ...

8.3CVSS7.8AI score0.01424EPSS

CVE•added 2020/01/09 3:15 p.m.•285 views

CVE-2019-19332

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' devic...

6.1CVSS7AI score0.00087EPSS

CVE•added 2020/01/27 5:15 a.m.•118 views

CVE-2019-20422

In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db.

5.5CVSS5.2AI score0.00079EPSS

CVE•added 2020/01/15 5:15 p.m.•49 views

CVE-2007-4774

The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.

5.9CVSS5.5AI score0.00177EPSS