Max CVSS 6.9 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-3901 1.9
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target
04-12-2020 - 18:15 22-04-2019 - 16:29
CVE-2019-3882 4.9
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of th
13-11-2020 - 16:15 24-04-2019 - 16:29
CVE-2019-6133 4.4
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendin
24-08-2020 - 17:37 11-01-2019 - 14:29
CVE-2019-11599 6.9
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or p
24-08-2020 - 17:37 29-04-2019 - 18:29
CVE-2019-11486 6.9
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
15-06-2019 - 01:29 23-04-2019 - 22:29
CVE-2019-11190 4.7
The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition wh
07-06-2019 - 07:29 12-04-2019 - 00:29
CVE-2019-3459 3.3
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
28-05-2019 - 19:29 11-04-2019 - 16:29
CVE-2018-5995 2.1
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.
28-05-2019 - 19:29 07-08-2018 - 18:29
CVE-2019-3460 3.3
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
28-05-2019 - 19:29 11-04-2019 - 16:29
Back to Top Mark selected
Back to Top