Lucene search
K

129 matches found

CVE
CVE
added 2020/05/22 2:9 p.m.690 views

CVE-2020-10711

The CVE-2020-10711 entry concerns a NULL pointer dereference in the Linux kernel SELinux subprocess during CIPSO category bitmap import. Affected are kernel versions before 5.7; processing the CIPSO restricted bitmap tag in cipso_v4_parsetag_rbm sets a security attribute indicating the bitmap exi...

5.9CVSS6.5AI score0.03097EPSS
CVE
CVE
added 2020/05/15 5:2 p.m.635 views

CVE-2020-12888

CVE-2020-12888 affects the Linux kernel VFIO PCI driver (through 5.6.13) and arises from improper handling of accesses to disabled MMIO space. A local attacker or a guest VM with VFIO access could trigger a denial of service or crash by exploiting writes/reads to disabled memory regions. Connecte...

5.3CVSS6AI score0.00404EPSS
CVE
CVE
added 2020/11/17 1:16 a.m.599 views

CVE-2020-25705

CVE-2020-25705 is a Linux kernel ICMP handling flaw that lets an off-path attacker bypass UDP source port randomization and rapidly scan open UDP ports. Affected products include various kernel versions and embedded/Linux-based devices; remediation is via kernel updates (e.g., CentOS/AlmaLinux ad...

7.4CVSS7.3AI score0.06692EPSS
CVE
CVE
added 2020/06/12 12:0 a.m.590 views

CVE-2020-10732

CVE-2020-10732 describes a Linux Kernel flaw in the Userspace core dumps implementation. According to connected IBM bulletin entries, the issue: allows a local authenticated attacker to obtain sensitive information or cause a program crash by exploiting the core-dump handling path. The vulnerabil...

4.4CVSS5.6AI score0.00617EPSS
CVE
CVE
added 2020/05/09 8:16 p.m.563 views

CVE-2020-12770

CVE-2020-12770 arises from the Linux kernel sg_write path in the SCSI generic (sg) driver not releasing internal resources in a specific error path because sg_remove_request is not called. This root cause is cited in multiple sources (e.g., ALAS2KERNEL-5.4-2022-012) and is described as a local-ac...

6.7CVSS6.7AI score0.00586EPSS
CVE
CVE
added 2020/06/09 12:40 p.m.519 views

CVE-2020-10757

CVE-2020-10757 affects the Linux kernel (post 4.5-rc1) where mremap mishandles DAX Huge Pages, enabling a local attacker with DAX storage access to escalate privileges. Connected advisories (RHEL/CentOS, Amazon Linux 2, IBM QRadar-related entries) confirm kernel patches/fixes are available and re...

7.8CVSS7.5AI score0.00992EPSS
CVE
CVE
added 2020/02/06 12:6 a.m.517 views

CVE-2020-8648

CVE-2020-8648 is a use-after-free in the Linux kernel’s n_tty_receive_buf_common function (drivers/tty/n_tty.c), affecting kernel builds up to 5.5.2. It is a local vulnerability; exploitation could crash the kernel (DoS), with CVSS notes indicating local access and high impact on availability. Co...

7.1CVSS7AI score0.00661EPSS
CVE
CVE
added 2020/05/05 6:13 a.m.505 views

CVE-2020-12659

Concrete details found: CVE-2020-12659 affects the Linux kernel before 5.6.7. The vulnerability is an out-of-bounds write in xdp_umem_reg() of net/xdp/xdp_umem.c, exploitable by a user with CAP_NET_ADMIN due to missing headroom validation. Impact described across connected docs includes potential...

7.2CVSS6.5AI score0.00707EPSS
CVE
CVE
added 2020/05/05 5:16 a.m.503 views

CVE-2020-12655

CVE-2020-12655 affects the Linux kernel’s XFS code path: specifically, xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c up to version 5.6.10. The issue allows an attacker to trigger a sync of excessive duration when processing a crafted XFS v5 image, potentially causing denial of service through prolo...

5.5CVSS6AI score0.00461EPSS
CVE
CVE
added 2020/09/15 12:0 a.m.502 views

CVE-2020-14314

CVE-2020-14314 is a memory out-of-bounds read in the Linux kernel’s ext3/ext4 directory handling that can crash the system on a local user. Public advisories confirm the issue affects the kernel and is tied to ext3/ext4 filesystem access with broken indexing, contributing to availability impact. ...

5.5CVSS5.9AI score0.00356EPSS
CVE
CVE
added 2020/09/15 9:14 p.m.496 views

CVE-2020-14385

CVE-2020-14385 affects the Linux kernel prior to 5.9-rc4. A failure in the XFS file system metadata validator can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt, potentially shutting down the filesystem or making it inaccessible until remounted, resulting ...

5.5CVSS5.8AI score0.00416EPSS
CVE
CVE
added 2020/12/02 12:0 a.m.486 views

CVE-2020-25704

CVE-2020-25704 describes a memory leak in the Linux kernel perf subsystem when using PERF_EVENT_IOC_SET_FILTER, enabling a local user to exhaust resources and cause a denial of service. The vulnerability is reiterated across multiple advisories (e.g., ALAS2KERNEL, ALAS-2020-1566, Debian/AlmaLinux...

5.5CVSS6AI score0.00348EPSS
CVE
CVE
added 2020/08/19 2:37 p.m.485 views

CVE-2020-14356

CVE-2020-14356 affects the Linux kernel cgroupv2 subsystem in versions before 5.7.10. The flaw is a use-after-free / NULL pointer dereference in the handling of socket references to cgroups, which, under certain configurations (including reboot scenarios), could allow a local user to crash the sy...

7.8CVSS7.2AI score0.00965EPSS
CVE
CVE
added 2020/09/16 12:48 p.m.484 views

CVE-2020-14386

CVE-2020-14386 is a Linux kernel memory-corruption vulnerability affecting the packet socket (AF_PACKET) path that can allow a local attacker to gain kernel privileges. The initial entry cites a memory corruption flaw exploitable by an unprivileged process to achieve root access. Connected adviso...

7.8CVSS7.7AI score0.01308EPSS
CVE
CVE
added 2020/04/09 8:13 p.m.483 views

CVE-2020-11668

CVE-2020-11668 affects the Linux kernel drivers/media/usb/gspca/xirlink_cit.c (Xirlink camera USB driver). The issue arises from mishandling invalid USB descriptors in this driver, as reported in multiple advisories. The connected documents confirm that this vulnerability can enable a local attac...

7.1CVSS7AI score0.00483EPSS
CVE
CVE
added 2020/12/15 4:57 p.m.483 views

CVE-2020-27777

The CVE-2020-27777 issue concerns the Linux kernel on PowerPC: RTAS memory accesses in the userspace-to-kernel path allow a local, root-like user on a locked-down guest (Secure Boot) running on PowerVM or KVM/pseries to escalate privileges to the running kernel. Root cause is an improper handling...

7.2CVSS6.8AI score0.00501EPSS
CVE
CVE
added 2020/09/13 5:28 p.m.476 views

CVE-2020-25285

CVE-2020-25285 is a race condition in the Linux kernel hugetlb sysctl handlers (mm/hugetlb.c) that could allow a local attacker to corrupt memory or trigger NULL pointer dereferences. Public docs (e.g., ChangeLog-5.8.8) indicate the fix was released in kernel 5.8.8; Ubuntu/Debian advisories refer...

6.4CVSS7AI score0.00272EPSS
CVE
CVE
added 2020/12/09 4:57 p.m.467 views

CVE-2020-29661

The entry CVE-2020-29661 describes a local, kernel-space vulnerability in the Linux tty subsystem (drivers/tty/tty_jobctrl.c) that can enable a use-after-free through TIOCSPGRP. A locking issue in this path allows memory corruption and potential privilege escalation or system impact when an attac...

7.8CVSS7.9AI score0.01129EPSS
CVE
CVE
added 2020/01/14 8:4 p.m.464 views

CVE-2020-7053

CVE-2020-7053 affects the Linux kernel: a use-after-free (write) in i915_ppgtt_close (drivers/gpu/drm/i915/i915_gem_gtt.c), linked to i915_gem_context_destroy_ioctl (i915_gem_context.c). Affected: Linux kernels 4.14 LTS up to 4.14.165, 4.19 LTS up to 4.19.96, and 5.x before 5.2. Root cause is a u...

7.8CVSS7.2AI score0.00617EPSS
CVE
CVE
added 2020/09/15 6:51 p.m.462 views

CVE-2020-14331

CVE-2020-14331 is a Linux kernel vulnerability in the VGA console driver’s soft-scrollback path. A local user with access to a VGA console can trigger an out-of-bounds write when resizing the console via VT_RESIZE, potentially crashing the system and possibly escalating privileges. Publicly docum...

7.2CVSS6.9AI score0.00563EPSS
CVE
CVE
added 2020/01/31 7:50 p.m.459 views

CVE-2019-3016

CVE-2019-3016 is a Linux kernel/KVM issue where, when PV TLB is enabled, a process inside a guest can read memory belonging to another process in the same guest. The root cause is a missing or incomplete TLB flush in the KVM x86 paravirtualized path when the host is running Linux 4.10 and the gue...

6.2CVSS5.3AI score0.00619EPSS
CVE
CVE
added 2020/05/05 4:47 a.m.456 views

CVE-2020-12654

CVE-2020-12654 affects the Linux kernel prior to 5.5.4. The vulnerability is a heap-based buffer overflow in mwifiex_ret_wmm_get_status() (drivers/net/wireless/marvell/mwifiex/wmm.c) caused by an incorrect memcpy when processing WMM parameters from a remote AP. A crafted AP can trigger overflow a...

7.1CVSS7.1AI score0.01218EPSS
CVE
CVE
added 2020/09/15 10:10 p.m.452 views

CVE-2020-10766

CVE-2020-10766 is a Linux kernel vulnerability tied to the SSBD mitigation logic, enabling a local attacker to temporarily disable SSBD during a context switch due to per-task STIPB switching. Connected advisories confirm affected kernels (e.g., Linux 5.4.x/5.8 era) and provide patch info: Debian...

5.5CVSS5.9AI score0.00463EPSS
In wild
CVE
CVE
added 2020/03/24 9:3 p.m.445 views

CVE-2020-10942

CVE-2020-10942 affects Linux kernel pre-5.5.8: vhost-net get_raw_socket fails to validate sk_family in drivers/vhost/net.c, enabling local attackers to induce kernel stack corruption via crafted syscalls, with potential DoS or privilege escalation. The connected doc from ALAS2LIVEPATCH-2020-015 n...

5.4CVSS6.2AI score0.00962EPSS
CVE
CVE
added 2020/05/05 4:47 a.m.443 views

CVE-2020-12653

CVE-2020-12653 affects the Linux kernel prior to 5.5.4, caused by an incorrect memcpy in the mwifiex_cmd_append_vsie_tlv() function (drivers/net/wireless/marvell/mwifiex/scan.c). This enables a local attacker to gain elevated privileges or cause a denial of service due to a buffer overflow. Conne...

7.8CVSS7.5AI score0.00435EPSS
CVE
CVE
added 2020/02/06 12:6 a.m.440 views

CVE-2020-8649

CVE-2020-8649 is a Linux kernel use-after-free in vgacon_invert_region (drivers/video/console/vgacon.c). The vulnerability, reported as CVE-2020-8649, could lead to memory corruption or DoS via the vgacon driver when a virtual terminal is accessed. Public details in Debian security advisories (DL...

5.9CVSS6.2AI score0.00488EPSS
CVE
CVE
added 2020/09/15 11:13 p.m.439 views

CVE-2020-10768

CVE-2020-10768 affects the Linux kernel prior to 5.8-rc1, where prctl() can re-enable indirect branch speculation after it has been disabled, enabling Spectre v2-style disclosure. The vulnerability has Local attack vector and primarily impacts confidentiality; no exploitation details are provided...

5.5CVSS6.1AI score0.00397EPSS
In wild
CVE
CVE
added 2020/05/08 1:48 p.m.433 views

CVE-2020-10690

The CVE-2020-10690 entry affects Linux kernel versions before 5.5. It is caused by a race between the release of ptp_clock and the cdev during resource deallocation, which can free the cdev structure while a high-privileged process holding /dev/ptpX is sleeping. When the underlying device is remo...

6.5CVSS6.5AI score0.00359EPSS
CVE
CVE
added 2020/11/23 4:15 p.m.433 views

CVE-2020-12351

CVE-2020-12351 corresponds to the Linux kernel Bluetooth vulnerability known as BleedingTooth. Exploitation involves Bluetooth L2CAP and related memory handling, with PoCs showing remote code execution from a nearby attacker. Root causes cited in public exploit data include a type-confusion error...

8.8CVSS9AI score0.07693EPSS
CVE
CVE
added 2020/05/18 5:50 p.m.430 views

CVE-2020-13143

CVE-2020-13143 affects the Linux kernel USB gadget/configfs (drivers/usb/gadget/configfs.c) from 3.16 to 5.6.13. The flaw arises when gadget_dev_desc_UDC_store uses kstrdup and may encounter an internal NUL value, leading to potential out-of-bounds memory access (reported as heap out-of-bounds wr...

6.5CVSS6.5AI score0.04505EPSS
CVE
CVE
added 2020/10/06 1:33 p.m.427 views

CVE-2020-25641

CVE-2020-25641 affects the Linux kernel biovecs implementation in the block layer. A zero-length biovec request can cause the kernel to enter an infinite loop, leading to a local denial of service and availability impact. The vulnerability is exploitable by a local attacker with basic privileges ...

5.5CVSS5.8AI score0.00385EPSS
CVE
CVE
added 2020/12/03 4:43 p.m.423 views

CVE-2020-14351

CVE-2020-14351 is a Linux kernel vulnerability in the perf subsystem that enables a local attacker with perf event access to trigger a use-after-free, potentially corrupt memory and escalate privileges. Public sources in connected advisories describe the vulnerability as a local use-after-free af...

7.8CVSS7.7AI score0.00302EPSS
CVE
CVE
added 2020/11/23 4:15 p.m.420 views

CVE-2020-12352

CVE-2020-12352 corresponds to an issue in the Linux Bluetooth stack (BlueZ) where improper access control may allow an unauthenticated user with adjacent access to trigger information disclosure. The description and connected sources indicate this is a local/adjacent-network risk without user int...

6.5CVSS7.4AI score0.05714EPSS
CVE
CVE
added 2020/12/15 5:0 p.m.420 views

CVE-2020-29569

CVE-2020-29569 describes a use-after-free in the Linux kernel PV block backend (blkback) when Xen is used, where the kernel thread handler may not reset ring->xenblkd to NULL if the frontend toggles between connect/disconnect, allowing a misbehaving guest to trigger a dom0 crash. The issue aff...

8.8CVSS8.3AI score0.00388EPSS
CVE
CVE
added 2020/12/09 4:57 p.m.420 views

CVE-2020-29660

This CVE (CVE-2020-29660) affects the Linux kernel tty subsystem, specifically in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c, where a locking inconsistency can enable a local attacker to perform a read-after-free against TIOCGSID. Consequences stated in multiple advisories include memory ...

4.4CVSS6.3AI score0.00468EPSS
CVE
CVE
added 2020/11/28 6:20 a.m.415 views

CVE-2020-29368

Affected software: Linux kernel up to version prior to 5.7.5 (pre-5.7.5). Vulnerability details: In mm/huge_memory.c, __split_huge_pmd, the copy-on-write CoW implementation can grant unintended write access due to a race in the THP mapcount check. This race condition can lead to local write acces...

7CVSS6.6AI score0.0036EPSS
CVE
CVE
added 2020/11/28 6:18 a.m.415 views

CVE-2020-29374

CVE-2020-29374 affects the Linux kernel and was fixed in 5.7.3. It concerns the get_user_pages (gup) implementation used for copy-on-write pages: when handling read operations, it may grant unintended write access, risking information disclosure or data corruption (COW cross-process leakage). Sev...

3.6CVSS4.9AI score0.00399EPSS
CVE
CVE
added 2020/04/02 8:14 p.m.413 views

CVE-2020-11494

The CVE-2020-11494 issue affects the Linux kernel slcan (serial line CAN) driver: in slcan.c, CAN headers for received packets may not be fully initialised when receiving data, enabling local attackers to read uninitialised can_frame data from kernel memory (information leak). Root cause is incom...

4.4CVSS5.3AI score0.00722EPSS
CVE
CVE
added 2020/09/15 10:14 p.m.412 views

CVE-2020-10767

CVE-2020-10767 affects the Linux kernel before 5.8-rc1, where Enhanced IBPB mitigation is disabled when STIBP is unavailable or when IBRS is available, enabling a Spectre V2–style attack on local confidentiality. Connected advisories confirm Linux kernel mitigations (IBPB/SSBD) and note a patched...

5.5CVSS5.8AI score0.00368EPSS
In wild
CVE
CVE
added 2020/06/03 2:44 a.m.410 views

CVE-2019-20811

CVE-2019-20811 affects the Linux kernel prior to 5.0.6, where a reference count is mishandled in rx_queue_add_kobject() and netdev_queue_add_kobject() within net/core/net-sysfs.c (CID-a3e23f719f5c). The issue was fixed in kernel 5.0.6 (ChangeLog-5.0.6). Exploitation would require local access and...

5.5CVSS5.8AI score0.00443EPSS
CVE
CVE
added 2020/01/16 3:22 p.m.409 views

CVE-2019-18282

CVE-2019-18282 affects the Linux kernel flow_dissector (Linux 4.3–5.x up to 5.3.10). The root cause is that UDP/IPv6 flow labels rely on a 32-bit hashrnd secret, with jhash used instead of siphash, allowing an attacker to infer the secret and track flows. Affected code includes net/core/flow_diss...

5.3CVSS6AI score0.02605EPSS
CVE
CVE
added 2020/05/12 6:58 p.m.407 views

CVE-2020-12826

CVE-2020-12826 affects the Linux kernel before 5.6.5. The root cause is an integer overflow in exec_id (include/linux/sched.h) due to 32-bit sizing, which can allow a child process to send an arbitrary signal to a parent process in a different security domain, bypassing protection. A patched vers...

5.3CVSS6AI score0.00706EPSS
CVE
CVE
added 2020/05/09 8:16 p.m.402 views

CVE-2020-12769

CVE-2020-12769 affects the Linux kernel prior to 5.4.17. The issue is in drivers/spi/spi-dw.c, where concurrent calls to dw_spi_irq and dw_spi_transfer_one can trigger a kernel panic (local exploit). The vulnerability is fixed in Linux kernel 5.4.17 (see ChangeLog-5.4.17). No exploit details are ...

5.5CVSS5.7AI score0.00652EPSS
CVE
CVE
added 2020/09/09 2:35 p.m.402 views

CVE-2020-1749

CVE-2020-1749 describes a flaw in the Linux kernel’s IPsec networking implementation (notably VXLAN and GENEVE tunnels over IPv6). When an encrypted tunnel is established between two hosts, tunneled data may be misrouted over the encrypted link, causing data to be sent unencrypted and potentially...

7.5CVSS7AI score0.0124EPSS
CVE
CVE
added 2020/02/06 12:6 a.m.400 views

CVE-2020-8647

Summary of CVE-2020-8647: A use-after-free? No — it is an MMIO out-of-bounds access in the vgacon driver (vt.c, vc_do_resize) of the Linux kernel, reported in the Debian/AlmaLinux advisories as CVE-2020-8647. Impact stated in Debian entries includes potential denial of service, memory corruption,...

6.1CVSS6.5AI score0.00413EPSS
CVE
CVE
added 2020/08/19 12:0 a.m.397 views

CVE-2020-24394

CVE-2020-24394 affects the Linux kernel before 5.7.8 in the NFS server (fs/nfsd/vfs.c). The root cause is that ACL-less filesystems do not apply the current umask when creating new objects, allowing an attacker with local access to set incorrect permissions. Public details in connected advisories...

7.1CVSS6.8AI score0.00361EPSS
CVE
CVE
added 2020/10/02 6:14 p.m.395 views

CVE-2020-26541

CVE-2020-26541 : Local attacker can bypass the Secure Boot Forbidden Signature Database (dbx) protection in Linux kernels up to 5.8.13, affecting certs/blacklist.c and certs/system_keyring.c. Impact involves potential system integrity/confidentiality compromise. Connected sources confirm the issu...

6.9CVSS6.7AI score0.00528EPSS
CVE
CVE
added 2020/04/09 10:10 p.m.395 views

CVE-2020-8834

Affected software: Linux kernel KVM for PowerPC (KVM with Book3S HV on Power8). Vulnerability arises from conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry and in kvmppc_save_tm()/kvmppc_restore_tm, leading to stack corruption. Consequence: a guest VM kernel-space code execut...

6.5CVSS6.8AI score0.00347EPSS
CVE
CVE
added 2020/10/06 12:0 a.m.392 views

CVE-2020-25643

CVE-2020-25643 affects the Linux kernel HDLC_PPP module via improper input validation in ppp_cp_parse_cr, causing memory corruption and a read overflow that can lead to system crash or DoS. Public advisories confirm this vulnerability and reference the same root cause, with mitigations proposed a...

7.5CVSS7.2AI score0.03292EPSS
CVE
CVE
added 2020/04/29 5:59 p.m.389 views

CVE-2020-12464

CVE-2020-12464 is a Linux kernel use-after-free in the USB core path. The vulnerability stems from usb_sg_cancel in drivers/usb/core/message.c where a transfer can occur without a proper reference, enabling a local attacker to potentially crash or execute code. Connected documents confirm this is...

7.2CVSS6.6AI score0.00802EPSS
Total number of security vulnerabilities129