Lucene search
K

291 matches found

CVE
CVE
added 2019/07/17 12:32 p.m.1571 views

CVE-2019-13272

CVE-2019-13272 affects the Linux kernel ptrace code (kernel/ptrace.c), where credentials recording during ptrace relationship establishment can fail, enabling a local attacker to obtain root privileges under certain parent/child lifecycle scenarios and potentially cause a panic. Public advisories...

7.8CVSS7.7AI score0.52199EPSS
In wild
CVE
CVE
added 2019/06/18 11:34 p.m.792 views

CVE-2019-11477

CVE-2019-11477 (SACK Panic) is a Linux kernel TCP vulnerability where crafted SACK blocks can trigger an integer overflow, potentially causing a kernel crash and DoS. CVE-2019-11478/11479 describe related DoS via SACK handling and low MSS. In practice, Arista discloses affected products (EOS, Clo...

7.8CVSS7.5AI score0.98745EPSS
CVE
CVE
added 2019/09/20 6:25 p.m.791 views

CVE-2019-14816

CVE-2019-14816 is a Linux kernel heap-based buffer overflow in the mwifiex (Marvell) wifi driver that affects all versions up to, but excluding, 5.3. It enables a local attacker to crash the system or potentially execute arbitrary code via the Marvell wifi chip driver; affected scope is the kerne...

7.8CVSS9.1AI score0.00909EPSS
CVE
CVE
added 2019/09/20 6:27 p.m.753 views

CVE-2019-14814

CVE-2019-14814 affects the Linux kernel Marvell WiFi driver (mwifiex) - a heap-based buffer overflow in the Marvell WiFi chip driver, present in all kernel versions up to but excluding 5.3. This can allow local users to crash the system or, potentially, execute arbitrary code. Public advisories (...

7.8CVSS9AI score0.00869EPSS
CVE
CVE
added 2019/07/05 10:7 p.m.731 views

CVE-2019-10639

CVE-2019-10639 affects Linux kernel 4.x (from 4.1) and 5.x prior to 5.0.8, enabling remote information exposure by deriving a KASLR kernel image offset from IP ID values for UDP/ICMP traffic. An attacker could force traffic to attacker-controlled IPs to obtain hashing key information and expose t...

7.5CVSS8.1AI score0.03252EPSS
CVE
CVE
added 2019/09/24 5:55 a.m.722 views

CVE-2019-16746

CVE-2019-16746 : A buffer overflow in the Linux kernel (net/wireless/nl80211.c) can occur through improper bounds checking of variable-length elements in a beacon head, enabling potential arbitrary code execution or a system crash. The issue affects Linux kernels up to at least 5.2.17, with repor...

9.8CVSS9.1AI score0.12651EPSS
CVE
CVE
added 2019/07/05 10:7 p.m.709 views

CVE-2019-10638

The CVE-2019-10638 entry concerns the Linux kernel IT: the IP ID values used for connectionless protocols (UDP/ICMP) in kernels prior to 5.1.7. The underlying issue is weak hashing of IP IDs, enabling an attacker to track a host across networks by correlating IDs and potentially obtain the hashin...

6.5CVSS7.3AI score0.02571EPSS
CVE
CVE
added 2019/07/26 12:25 p.m.658 views

CVE-2019-14284

CVE-2019-14284 affects the Linux kernel prior to 5.2.3, where floppy.c can suffer a division-by-zero in setup_format_params. Two consecutive ioctls can trigger a DOs: the first ioctl sets geometry (.sect/.rate) such that F_SECT_PER_TRACK becomes zero; the second triggers the floppy format operati...

6.2CVSS6.2AI score0.00703EPSS
CVE
CVE
added 2019/07/26 4:40 a.m.655 views

CVE-2018-20856

CVE-2018-20856 : Linux kernel before 4.18.7 contains a use-after-free in block/blk-core.c__blk_drain_queue() when an error case is mishandled. This could allow a local attacker to cause a denial of service or, potentially, execute arbitrary code. The issue was addressed in the 4.18.7 patch releas...

7.8CVSS7.2AI score0.00707EPSS
CVE
CVE
added 2019/06/18 11:34 p.m.654 views

CVE-2019-11479

The CVE-2019-11479 family (SACK/MSS issues on the Linux kernel) stems from a hard-coded MSS of 48 bytes, enabling remote DoS via fragmented TCP handling. Public docs list CVE-2019-11477 (SACK Panic), CVE-2019-11478 (SACK Slowness/Excess Resource Usage), and CVE-2019-11479 (Low MSS) with kernel-wi...

7.5CVSS7.3AI score0.9166EPSS
CVE
CVE
added 2019/06/03 6:25 p.m.645 views

CVE-2019-3846

CVE-2019-3846 affects the upstream kernel’s Marvell mwifiex wireless kernel driver. The description documents a memory corruption flaw that could allow privilege escalation when connecting to a malicious wireless network. Connected sources confirm this is within the mwifiex driver and describe th...

8.8CVSS9.1AI score0.05649EPSS
CVE
CVE
added 2019/10/17 1:47 a.m.641 views

CVE-2019-17666

CVE-2019-17666 affects the Linux kernel Realtek rtlwifi driver (rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c). The root cause is a missing upper-bound check that leads to a buffer overflow. Impact stated in sources includes memory corruption and potential remote code execution, wit...

8.8CVSS8.9AI score0.03017EPSS
CVE
CVE
added 2019/08/23 5:18 a.m.631 views

CVE-2019-15505

CVE-2019-15505 affects the technisat-usb2 media driver in Linux kernels up to 5.2.9. The issue arises from improper validation of incoming IR packets, leading to a heap buffer over-read. An attacker capable of adding USB devices (potentially via remote USB technologies like usbip/usbredir) could ...

10CVSS9AI score0.07619EPSS
CVE
CVE
added 2019/06/18 11:34 p.m.627 views

CVE-2019-11478

CVE-2019-11478 describes a DoS in the Linux kernel TCP SACK handling where the TCP retransmission queue can fragment, leading to degraded performance or denial of service when processing crafted SACK sequences. The initial entry notes a fixed commit f070ef2ac66716357066b683fb0baf55f8191a2e and st...

7.5CVSS6.4AI score0.94686EPSS
CVE
CVE
added 2019/09/19 5:37 p.m.619 views

CVE-2019-14821

CVE-2019-14821 is a Linux kernel KVM issue: an out-of-bounds access in the Coalesced MMIO write path can occur if a host user controls the MMIO ring buffer indices (ring->first/ring->last). A local attacker with /dev/kvm access could crash the host kernel or potentially escalate privileges ...

8.8CVSS9AI score0.00763EPSS
CVE
CVE
added 2019/09/17 3:9 p.m.616 views

CVE-2019-14835

The CVE-2019-14835 entry describes a buffer overflow in Linux kernel vhost functionality (virtqueue buffers translated to IOVs) during VM live migration. A privileged guest user could pass descriptors with invalid length while migration is underway, potentially causing a host privilege escalation...

7.8CVSS8.3AI score0.00627EPSS
CVE
CVE
added 2019/07/26 12:24 p.m.609 views

CVE-2019-14283

CVE-2019-14283 affects the Linux kernel up to version 5.2.2, where floppy drive handling in set_geometry() in drivers/block/floppy.c fails to validate sect and head, enabling an integer overflow and out-of-bounds read. This can be triggered by an unprivileged local user when a floppy is present (...

6.8CVSS6.8AI score0.00734EPSS
CVE
CVE
added 2019/09/04 5:50 a.m.609 views

CVE-2019-15902

CVE-2019-15902 describes a backporting error that reintroduced Spectre-v1 in ptrace_get_debugreg() due to swapped lines during cherry-picking. Affected Linux kernels include 4.4.x (up to 4.4.190), 4.9.x (up to 4.9.190), 4.14.x (up to 4.14.141), 4.19.x (up to 4.19.69), and 5.2.x (up to 5.2.11). Th...

5.6CVSS6.7AI score0.00586EPSS
CVE
CVE
added 2019/10/04 11:57 a.m.594 views

CVE-2019-17133

CVE-2019-17133 affects Linux kernel up to 5.3.2, where cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c fails to reject an oversized SSID IE, causing a Buffer Overflow. The available connected docs confirm the vulnerability and its impact but do not provide a specific patched version or reme...

9.8CVSS9AI score0.06652EPSS
CVE
CVE
added 2019/09/04 6:9 p.m.580 views

CVE-2019-15917

CVE-2019-15917 concerns a use-after-free in the Linux kernel before 5.0.5. The bug occurs when hci_uart_register_dev() fails in hci_uart_set_proto() within drivers/bluetooth/hci_ldisc.c, potentially after a local Bluetooth UART device setup. Affected: Linux kernel versions prior to 5.0.5. Impact ...

7CVSS7.4AI score0.00668EPSS
CVE
CVE
added 2019/06/03 9:58 p.m.573 views

CVE-2019-12614

CVE-2019-12614 affects Linux kernels up to 5.1.6 in the PowerPC pseries dlpar.c: a NULL pointer dereference triggered by unchecked kstrdup of prop->name can allow a local attacker to crash the system via a crafted request. The issue is confirmed in the initial description and corroborated by c...

4.7CVSS6.4AI score0.00623EPSS
CVE
CVE
added 2019/02/15 3:0 p.m.565 views

CVE-2019-6974

CVE-2019-6974 affects the Linux kernel KVM subsystem: a race in kvm_ioctl_create_device() mishandles reference counting, enabling a local user with access to /dev/kvm to cause a use-after-free, potentially crashing the guest or escalating privileges. The issue is fixed in kernel 4.20.8 and relate...

8.1CVSS7.7AI score0.16523EPSS
CVE
CVE
added 2019/11/29 2:5 p.m.535 views

CVE-2019-14901

CVE-2019-14901 is a heap overflow in the Marvell WiFi driver (mwifiex) of the Linux kernel, affecting all 3.x/4.x prior to 4.18.0. It can allow a remote attacker to crash the system (DoS) or potentially execute code with root privileges, impacting confidentiality and integrity. Public advisories ...

10CVSS9.7AI score0.16908EPSS
CVE
CVE
added 2019/09/04 8:33 p.m.515 views

CVE-2019-15927

CVE-2019-15927: A Linux kernel issue before 4.20.2 allows an out-of-bounds access in build_audio_procunit() within sound/usb/mixer.c, enabling local exploitation under affected kernels. The vulnerability is triggered by an out-of-bounds access in the function, as documented in the CVE entry and t...

7.8CVSS7.8AI score0.00412EPSS
CVE
CVE
added 2019/05/10 9:53 p.m.514 views

CVE-2019-11884

The CVE-2019-11884 entry affects the Linux kernel's HIDP path. It concerns the do_hidp_sock_ioctl in net/bluetooth/hidp/sock.c, where a HIDPCONNADD command can leak data from kernel stack memory due to a name field not properly ending with a NUL terminator. The vulnerability allows local attacker...

3.3CVSS5.6AI score0.00495EPSS
CVE
CVE
added 2019/04/23 10:0 p.m.506 views

CVE-2019-11487

The CVE-2019-11487 issue affects the Linux kernel prior to 5.1-rc5, enabling a page->_refcount overflow that can cause use-after-free when large RAM (≈140 GiB) is present, notably under FUSE workloads (fs/fuse/dev.c, mm/gup.c, mm/hugetlb.c, etc.). Affects multiple kernel components (fs/fuse, f...

7.8CVSS8AI score0.00708EPSS
CVE
CVE
added 2019/12/03 3:41 p.m.496 views

CVE-2019-19527

CVE-2019-19527 is a use-after-free vulnerability in the Linux kernel caused by a malformed interaction with a malicious USB device in the hiddev.c driver (drivers/hid/usbhid). Affected releases are Linux kernels prior to 5.2.10. The impact, as indicated in the CVE entry, includes potential compro...

7.2CVSS7.4AI score0.00448EPSS
CVE
CVE
added 2019/09/04 8:33 p.m.494 views

CVE-2017-18595

Linux kernel before 4.14.11 is affected by a double-free in allocate_trace_buffer (kernel/trace/trace.c). This CVE-2017-18595 issue can enable memory corruption when the trace buffer is allocated, and is exploitable with local access. The vulnerability is tied to kernel versions older than 4.14.1...

7.8CVSS7.8AI score0.0035EPSS
CVE
CVE
added 2019/03/17 6:26 p.m.494 views

CVE-2019-7221

CVE-2019-7221 is a Use-after-Free in the KVM implementation of the Linux kernel up to version 4.20.5. The vulnerability concerns KVM VMX preemption timer handling and is locally exploitable with low privileges and no user interaction, potentially affecting confidentiality, integrity, and availabi...

7.8CVSS7.5AI score0.00805EPSS
CVE
CVE
added 2019/05/07 1:4 p.m.493 views

CVE-2018-20836

CVE-2018-20836 : A race condition in the Linux kernel before 4.20, specifically in drivers/scsi/libsas/sas_expander.c (smp_task_timedout() vs smp_task_done()), can lead to a use-after-free. Affected: Linux kernel versions prior to 4.20. Impact is described as high by CVSS. The provided documents ...

9.3CVSS7.5AI score0.05111EPSS
CVE
CVE
added 2019/05/07 1:4 p.m.491 views

CVE-2019-11810

CVE-2019-11810 affects the Linux kernel up to version before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails inside megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c, leading to a Denial of Service tied to a use-after-free. Public advisories note...

7.8CVSS7.2AI score0.05789EPSS
CVE
CVE
added 2019/11/25 1:51 p.m.490 views

CVE-2019-10207

The CVE-2019-10207 entry describes a local DoS in Linux kernels via Bluetooth UART mishandling. Affected: Linux kernel Bluetooth UART implementation, versions 3.x.x prior to 4.18.0 and 5.x.x. Vulnerable action: a crafted ioctl call by a local attacker with write access to Bluetooth hardware can c...

5.5CVSS6.7AI score0.00881EPSS
CVE
CVE
added 2019/11/25 10:51 a.m.487 views

CVE-2019-14815

CVE-2019-14815 is a Linux kernel issue in the Marvell Mwifiex WiFi driver, described in the connected F5 advisory as a heap overflow in mwifiex_set_wmm_params(). The initial document also notes a heap overflow in this driver. The provided sources do not include explicit exploit details, affected ...

7.8CVSS8.6AI score0.00488EPSS
CVE
CVE
added 2019/07/19 12:53 p.m.486 views

CVE-2019-13648

CVE-2019-13648 affects the Linux kernel on PowerPC where hardware transactional memory is disabled. A local user can trigger a denial of service (TM Bad Thing exception and system crash) by sending a crafted signal frame via sigreturn() to arch/powerpc/kernel/signal_32.c and signal_64.c. Public d...

5.5CVSS5.7AI score0.00589EPSS
CVE
CVE
added 2019/07/30 4:19 p.m.485 views

CVE-2018-16871

A CVE-2018-16871 issue exists in the Linux kernel’s NFS implementation (all 3.x and 4.x up to 4.20). A attacker mounting an exported NFS filesystem can trigger a null pointer dereference using an invalid NFS sequence, causing a kernel panic and denying access to the NFS server; outstanding disk w...

7.5CVSS7.1AI score0.02779EPSS
CVE
CVE
added 2019/08/20 7:25 a.m.477 views

CVE-2019-15239

The CVE-2019-15239 issue arises from a backported net/ipv4/tcp_output.c change in some 4.9.x and 4.14.x long-term Linux kernels that was correctly fixed in 4.16.12 but incorrectly backported to older LT kernels. This regression enables a local attacker to add to a write queue between disconnectio...

7.8CVSS7.9AI score0.00589EPSS
CVE
CVE
added 2019/09/06 10:2 p.m.474 views

CVE-2019-16089

Summary (CVE-2019-16089): The vulnerability resides in the Linux kernel (through version 5.2.13) where nbd_genl_status in drivers/block/nbd.c does not validate the return value of nla_nest_start_noflag, potentially enabling local privilege impact due to improper netlink attribute nesting checks. ...

4.7CVSS5.1AI score0.00387EPSS
CVE
CVE
added 2019/03/18 4:33 p.m.469 views

CVE-2018-20669

CVE-2018-20669 affects the Linux kernel i915_gem_execbuffer2_ioctl path (drivers/gpu/drm/i915/i915_gem_execbuffer.c) up to kernel 4.19.13. A local attacker can craft an IOCTL call that fails address checks (address provided to access_ok() is not checked), enabling overwriting arbitrary kernel mem...

7.8CVSS7.2AI score0.00572EPSS
CVE
CVE
added 2019/11/07 3:29 p.m.467 views

CVE-2019-18808

The CVE-2019-18808 entry describes a memory-leak DoS in the Linux kernel via ccp_run_sha_cmd() in ccp-ops.c (up to kernel 5.3.9). Connected Astra Linux advisories show a similar memory-leak DoS in ccp_run_aes_gcm_cmd() (drivers/crypto/ccp/ccp-ops.c) affecting Linux-5.10 and noting similarity to C...

5.5CVSS6.1AI score0.00329EPSS
CVE
CVE
added 2019/04/25 2:41 p.m.462 views

CVE-2019-3900

CVE-2019-3900 is an upstream Linux kernel vulnerability in the vhost_net module causing an infinite loop while handling incoming packets in handle_rx(), which can allow a guest user to stall the vhost_net kernel thread and trigger a DoS. The issue is present in Linux kernel releases up to and inc...

7.7CVSS8.4AI score0.04425EPSS
CVE
CVE
added 2019/12/12 7:39 p.m.461 views

CVE-2019-19767

CVE-2019-19767 affects the Linux kernel prior to 5.4.2, due to mishandling of ext4_expand_extra_isize which can cause use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry (fs/ext4/inode.c and fs/ext4/super.c; CID-4ea99936a163). This is a kernel-level vulnerability impacting ext4-r...

5.5CVSS6.9AI score0.02081EPSS
CVE
CVE
added 2019/07/26 4:39 a.m.457 views

CVE-2018-20855

CVE-2018-20855 affects Linux kernel before 4.18.7. In mlx5InfiniBand, create_qp_common (mlx5_ib_create_qp_resp) was never initialized, leaking stack memory to userspace. Upstream fix shipped with kernel 4.18.7 (commit 0625b4ba1a5d4703c7fb01c497bd6c156908af00). Mitigation: upgrade to 4.18.7+ or ap...

3.3CVSS4.8AI score0.00463EPSS
CVE
CVE
added 2019/08/27 4:49 a.m.457 views

CVE-2019-15666

CVE-2019-15666 affects the Linux kernel prior to 5.0.19, with an out-of-bounds array access in __xfrm_policy_unlink caused by improper directory validation in net/xfrm/xfrm_user.c. This can lead to denial of service. Nexus/connected advisories confirm the same impact and recommend upgrading the k...

4.9CVSS6AI score0.0173EPSS
CVE
CVE
added 2019/08/19 1:52 a.m.456 views

CVE-2018-20976

CVE-2018-20976 affects the Linux kernel prior to 4.18, specifically a use-after-free in fs/xfs/xfs_super.c related to xfs_fs_fill_super during mount failure. The vulnerability can lead to memory corruption or crash and is exploitable via a local attack, with no authentication required per the CVE...

7.8CVSS7.8AI score0.00607EPSS
CVE
CVE
added 2019/06/14 1:56 p.m.456 views

CVE-2019-10126

CVE-2019-10126 affects the Linux kernel Marvell mwifiex wireless kernel driver. The issue is a heap-based buffer overflow in mwifiex_uap_parse_tail_ies (drivers/net/wireless/marvell/mwifiex/ie.c) that can lead to memory corruption. Public documents in the Connected set identify the affected compo...

9.8CVSS9.8AI score0.06821EPSS
CVE
CVE
added 2019/12/28 4:7 a.m.455 views

CVE-2019-20054

CVE-2019-20054 affects the Linux kernel prior to 5.0.6, with a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (related to put_links, CID-23da9588037e). The fix is included in kernel 5.0.6 (and later). Public exploit details are not provided in the supplied documents. Rec...

5.5CVSS6.5AI score0.00477EPSS
CVE
CVE
added 2019/12/08 12:48 a.m.451 views

CVE-2019-19447

CVE-2019-19447 is a Linux kernel 5.0.21 flaw where mounting a crafted ext4 filesystem image can trigger a use-after-free in ext4_put_super (fs/ext4/super.c, related to dump_orphan_list). Reports in multiple connected sources corroborate a local, post-authentication impact with potential arbitrary...

7.8CVSS8AI score0.03539EPSS
CVE
CVE
added 2019/11/18 5:24 a.m.450 views

CVE-2019-19068

CVE-2019-19068 affects the Linux kernel Realtek RTL8xxxU USB Wi‑Fi driver (rtl8xxxu_submit_int_urb in rtl8xxxu_core.c, up to 5.3.11). The root cause is a memory leak when usb_submit_urb() fails during interrupt-URB submission, which can lead to DoS via memory consumption. Connected document F5 ad...

4.9CVSS6.1AI score0.00451EPSS
CVE
CVE
added 2019/10/01 1:10 p.m.449 views

CVE-2019-17055

CVE-2019-17055 affects the Linux kernel up to 5.3.2, where base_sock_create in drivers/isdn/mISDN/socket.c did not enforce CAP_NET_RAW, allowing unprivileged users to create a raw socket via AF_ISDN. The issue is tracked with CID CID-b91ee4aa2a21 and was addressed in upstream kernel commits 0edc3...

3.3CVSS6.5AI score0.00542EPSS
CVE
CVE
added 2019/11/18 5:24 a.m.448 views

CVE-2019-19063

Concretely affected software: Linux kernel realtek rtlwifi USB driver (rtl_usb_probe in drivers/net/wireless/realtek/rtlwifi/usb.c). Root cause: two memory leaks in rtl_usb_probe() leading to memory exhaustion. Impact: potential denial of service due to unbounded memory consumption (through 5.3.1...

4.9CVSS6.5AI score0.00897EPSS
Total number of security vulnerabilities291