Kernel Security Vulnerabilities and Issues — Kernel CVE List

Lucene search

RedhatKernel

21 matches found

CVE•added 2020/05/22 3:15 p.m.•616 views

CVE-2020-10711

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processin...

5.9CVSS6.5AI score0.00671EPSS

CVE•added 2019/11/29 3:15 p.m.•487 views

CVE-2019-14901

A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is...

10CVSS9.7AI score0.03033EPSS

CVE•added 2019/07/30 5:15 p.m.•451 views

CVE-2018-16871

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to th...

7.5CVSS7.1AI score0.00649EPSS

CVE•added 2019/11/25 2:15 p.m.•437 views

CVE-2019-10207

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system ...

5.5CVSS6.7AI score0.00228EPSS

CVE•added 2019/04/25 3:29 p.m.•418 views

CVE-2019-3900

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to st...

7.7CVSS8.4AI score0.00118EPSS

CVE•added 2020/05/08 3:15 p.m.•374 views

CVE-2020-10690

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying devi...

6.5CVSS6.5AI score0.00024EPSS

CVE•added 2019/11/27 9:15 a.m.•349 views

CVE-2019-14896

A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects...

10CVSS9.6AI score0.0177EPSS

CVE•added 2018/06/20 1:29 p.m.•317 views

CVE-2018-1120

A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call ...

5.3CVSS6.3AI score0.00986EPSS

CVE•added 2019/11/29 3:15 p.m.•308 views

CVE-2019-14897

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of...

9.8CVSS9.6AI score0.007EPSS

CVE•added 2019/11/29 2:15 p.m.•289 views

CVE-2019-14895

A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote d...

9.8CVSS9.9AI score0.01257EPSS

CVE•added 2018/11/26 7:29 p.m.•260 views

CVE-2018-14646

The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of serv...

5.5CVSS5.3AI score0.00043EPSS

CVE•added 2020/09/10 5:15 p.m.•224 views

CVE-2020-10773

A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.

4.4CVSS5AI score0.00042EPSS

CVE•added 2018/07/30 3:29 p.m.•204 views

CVE-2017-7518

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to poten...

7.8CVSS7.3AI score0.0009EPSS

CVE•added 2018/07/30 2:29 p.m.•192 views

CVE-2017-7482

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and pos...

7.8CVSS7.6AI score0.00135EPSS

CVE•added 2019/07/30 5:15 p.m.•120 views

CVE-2019-10142

A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system,...

7.8CVSS6AI score0.00054EPSS

CVE•added 2020/11/05 9:15 p.m.•117 views

CVE-2020-25661

A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on th...

8.8CVSS8.6AI score0.03752EPSS

CVE•added 2018/08/30 12:29 p.m.•107 views

CVE-2018-14619

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user bei...

7.8CVSS7.5AI score0.00118EPSS

CVE•added 2020/11/05 9:15 p.m.•106 views

CVE-2020-25662

A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the s...

6.5CVSS7.2AI score0.01686EPSS

CVE•added 2004/09/01 4:0 a.m.•79 views

CVE-2004-0077

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulne...

7.2CVSS6.2AI score0.0057EPSS

CVE•added 2004/02/17 5:0 a.m.•55 views

CVE-2003-0700

The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699.

7.5CVSS6.4AI score0.00576EPSS

CVE•added 2004/12/06 5:0 a.m.•54 views

CVE-2004-0619

Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.

7.2CVSS7.6AI score0.00068EPSS