32 matches found
CVE-2021-22555
CVE-2021-22555 is a Linux kernel heap out-of-bounds write vulnerability in net/netfilter/x_tables.c, dating to 2.6.19-rc1. The issue allows a local attacker to gain privileges or cause a DoS via heap memory corruption in the username space. Public sources in the connected docs confirm the vulnera...
CVE-2020-8648
CVE-2020-8648 is a use-after-free in the Linux kernel’s n_tty_receive_buf_common function (drivers/tty/n_tty.c), affecting kernel builds up to 5.5.2. It is a local vulnerability; exploitation could crash the kernel (DoS), with CVSS notes indicating local access and high impact on availability. Co...
CVE-2020-12659
Concrete details found: CVE-2020-12659 affects the Linux kernel before 5.6.7. The vulnerability is an out-of-bounds write in xdp_umem_reg() of net/xdp/xdp_umem.c, exploitable by a user with CAP_NET_ADMIN due to missing headroom validation. Impact described across connected docs includes potential...
CVE-2019-20054
CVE-2019-20054 affects the Linux kernel prior to 5.0.6, with a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (related to put_links, CID-23da9588037e). The fix is included in kernel 5.0.6 (and later). Public exploit details are not provided in the supplied documents. Rec...
CVE-2019-19447
CVE-2019-19447 is a Linux kernel 5.0.21 flaw where mounting a crafted ext4 filesystem image can trigger a use-after-free in ext4_put_super (fs/ext4/super.c, related to dump_orphan_list). Reports in multiple connected sources corroborate a local, post-authentication impact with potential arbitrary...
CVE-2019-15221
CVE-2019-15221 affects the Linux kernel up to version 5.1.17. A NULL pointer dereference can be triggered by a malicious USB device via the sound/usb/line6/pcm.c driver, leading to denial of service or system instability. Affected component is the kernel sound USB Line6 PCM driver; root cause is ...
CVE-2019-15220
CVE-2019-15220 affects the Linux kernel prior to 5.2.1 and involves a use-after-free in the p54usb.c driver caused by a malicious USB device. The issue can lead to a denial of service via kernel memory corruption when a vulnerable USB device is connected to drivers/net/wireless/intersil/p54. The ...
CVE-2021-33200
CVE-2021-33200 affects the Linux kernel’s eBPF verifier (kernel/bpf/verifier.c) where incorrect limits for pointer arithmetic operations allow out-of-bounds reads/writes in kernel memory, enabling local privilege escalation to root. The issue exists in kernels up to 5.12.7 (upstream). The root ca...
CVE-2019-15217
The CVE-2019-15217 entry concerns a NULL pointer dereference in the Linux kernel before 5.2.3, triggered by a malicious USB device via the zr364xx USB driver (drivers/media/usb/zr364xx/zr364xx.c). The issue can lead to a denial of service on a physical USB attack vector. Public references indicat...
CVE-2020-12464
CVE-2020-12464 is a Linux kernel use-after-free in the USB core path. The vulnerability stems from usb_sg_cancel in drivers/usb/core/message.c where a transfer can occur without a proper reference, enabling a local attacker to potentially crash or execute code. Connected documents confirm this is...
CVE-2020-29573
CVE-2020-29573 affects the GNU C Library (glibc) on x86, where sysdeps/i386/ldbl2mpn.c allows a stack-based buffer overflow when a printf-family input is an 80-bit long double with a non-canonical pattern (example: 0x0004000000000000000000000000000000000004 passed to sprintf). Public notes indica...
CVE-2020-27786
CVE-2020-27786 affects the Linux kernel MIDI subsystem (rawmidi) with a use-after-free in the MIDI ioctl handling path. A local attacker with access to issue ioctl commands to MIDI devices could trigger memory corruption, potentially enabling privilege escalation. Public documentation in connecte...
CVE-2019-19947
CVE-2019-19947 affects the Linux kernel up to version 5.4.6, where the kvaser_usb_leaf.c driver (drivers/net/can/usb/kvaser_usb) leaks information from uninitialized memory to a USB device (CID-da2311a6385c). Connected advisories corroborate this kernel info-leak issue and link it to the Kvaser C...
CVE-2019-15219
This CVE (CVE-2019-15219) affects the Linux kernel prior to 5.1.8. Description confirms a NULL pointer dereference caused by a malicious USB device in drivers/usb/misc/sisusbvga/sisusb.c, enabling local hardware interaction to crash the system. Connected advisories (Unity Linux UTSA-2026-003808 a...
CVE-2021-41073
The CVE-2021-41073 issue affects the Linux kernel (affected versions 5.10 to 5.14.6) where loop_rw_iter in fs/io_uring.c can be abused via IORING_OP_PROVIDE_BUFFERS to trigger a use-after-free of a kernel buffer, enabling local privilege escalation. Exploitation relies on reading /proc//maps and ...
CVE-2019-19966
CVE-2019-19966 affects the Linux kernel prior to 5.1.6, where a use-after-free in cpia2_exit() (drivers/media/usb/cpia2/cpia2_v4l.c) can lead to denial of service. Connected advisories (Unity Linux UTSA-2026-004036 and related Nessus plugins) reference the same issue and note a fix in kernel 5.1....
CVE-2021-26708
CVE-2021-26708 describes a local privilege-escalation in the Linux kernel prior to 5.10.13 caused by race conditions in AF_VSOCK (net/vmw_vsock/af_vsock.c) related to wrong locking during VSOCK multi-transport changes. The vulnerability can be exploited via use-after-free primitives in the vsock_...
CVE-2019-15216
CVE-2019-15216 affects the Linux kernel prior to 5.0.14, with a NULL pointer dereference triggered by a malicious USB device in drivers/usb/misc/yurex.c. Exploitation could cause a denial of service; impact is indicated as HIGH for availability. A fix is available in kernel 5.0.14 and later. Reme...
CVE-2019-15218
CVE-2019-15218: Linux kernel before 5.1.8 contains a NULL pointer dereference in drivers/media/usb/siano/smsusb.c triggered by a malicious USB device. Affected is the Linux kernel version range up to 5.1.7; exploitation could lead to a crash or denial of service on affected systems. Remediation i...
CVE-2020-11884
CVE-2020-11884 affects the Linux kernel on s390x (versions 4.19–5.6.7). The issue is a race in enable_sacf_uaccess (arch/s390/lib/uaccess.c) that fails to protect against a concurrent page table upgrade (CID-3f777e19d171), potentially allowing code execution or a crash. The initial documents do n...
CVE-2019-15212
CVE-2019-15212 describes a vulnerability in the Linux kernel prior to 5.1.8 where a malicious USB device can trigger a double-free in drivers/usb/misc/rio500.c. This is a local/physical-access issue with potential impact to availability as per CVSS metrics shown. The connected Unity Nessus adviso...
CVE-2019-19922
CVE-2019-19922 affects the Linux kernel sched subsystem (kernel/sched/fair.c) and is triggered when cpu.cfs_quota_us is in use (e.g., with Kubernetes). The issue allows a local attacker to cause a denial of service for non–CPU-bound applications by generating work that triggers slice expiration, ...
CVE-2019-15211
CVE-2019-15211 : Linux kernel before 5.2.6 contains a use-after-free in drivers/media/v4l2-core/v4l2-dev.c triggered by a malicious USB device; the issue is tied to memory allocation in drivers/media/radio/radio-raremono.c. Evidence from multiple Nessus/SUSE/OpenOpen advisories confirms the descr...
CVE-2019-15213
CVE-2019-15213: Linux kernel before 5.2.3 contains a use-after-free in the DVB‑USB driver (drivers/media/usb/dvb-usb/dvb-usb-init.c) triggered by a malicious USB device. The issue is limited to the kernel plasma stack in this component and is mitigated by upgrading to kernel 5.2.3 or newer, per t...
CVE-2020-25669
CVE-2020-25669 is a Linux kernel use-after-free in sunkbd_reinit triggered after sunkbd interrupts and before freed; an alias remains after NULLing in sinkbd_disconnect, enabling a use-after-free condition. Documents indicate this is a kernel issue with local impact, potentially causing a crash o...
CVE-2019-15215
The CVE-2019-15215 issue is a use-after-free in the Linux kernel, caused by a malicious USB device via the cpia2_usb.c driver (drivers/media/usb/cpia2). Affected: kernel versions before 5.2.6. Impact: potential local denial of service or privilege issues due to use-after-free in USB cpia2 handlin...
CVE-2019-15222
CVE-2019-15222 entry is rejected/not used and not an active vulnerability.
CVE-2020-12465
CVE-2020-12465: An array overflow in mt76_add_fragment (drivers/net/wireless/mediatek/mt76/dma.c) of the Linux kernel before 5.5.10 can cause memory corruption by an oversized packet with too many RX fragments. The issue is documented in the Uniti/Miracle Linux advisories referencing CVE-2020-124...
CVE-2019-19377
CVE-2019-19377 concerns Linux kernel 5.0.21 where mounting a crafted btrfs image, performing actions, and unmounting can trigger a use-after-free in btrfs_queue_work (fs/btrfs/async-thread.c). Connected Nessus advisories for Unity Linux (UTSA-2026-004393) reiterate this, tying the issue to kernel...
CVE-2019-15223
CVE-2019-15223 affects the Linux kernel up to version 5.1.7 where a NULL pointer dereference can be triggered by a malicious USB device in the sound/usb/line6/driver.c driver. This is a local physical attack vector through USB, potentially causing a kernel crash by dereferencing a NULL pointer. T...
CVE-2020-15852
CVE-2020-15852 affects Linux kernel 5.5–5.7.9 (and Xen via 4.13.x for x86 PV guests). The issue stems from mishandling of tss_invalidate_io_bitmap, causing desynchronization between TSS I/O bitmaps and Xen, which may let an attacker gain I/O port permissions of an unrelated task. Public advisorie...
CVE-2020-25221
CVE-2020-25221 affects Linux kernel 5.7.x and 5.8.x before 5.8.7. The vulnerability arises in get_gate_page() implemented in mm/gup.c, due to incorrect reference counting of the backing struct page for the vsyscall page, causing a refcount underflow. It can be triggered by any 64-bit process that...