Max CVSS 7.2 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-9383 3.6
An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
04-01-2021 - 23:15 25-02-2020 - 16:15
CVE-2020-13143 4.3
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753
04-01-2021 - 23:15 18-05-2020 - 18:15
CVE-2020-11494 2.1
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configurati
04-01-2021 - 23:15 02-04-2020 - 21:15
CVE-2020-12114 1.9
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a m
14-10-2020 - 22:15 04-05-2020 - 12:15
CVE-2020-8648 3.6
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
24-09-2020 - 12:15 06-02-2020 - 01:15
CVE-2020-8648 3.6
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
24-09-2020 - 12:15 06-02-2020 - 01:15
CVE-2019-20811 2.1
An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.
23-09-2020 - 20:15 03-06-2020 - 03:15
CVE-2019-20811 2.1
An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.
23-09-2020 - 20:15 03-06-2020 - 03:15
CVE-2020-10757 6.9
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
15-09-2020 - 15:15 09-06-2020 - 13:15
CVE-2019-19319 4.4
In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset
24-08-2020 - 17:37 27-11-2019 - 23:15
CVE-2019-2182 4.6
In the Android kernel in the kernel MMU code there is a possible execution path leaving some kernel text and rodata pages writable. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n
24-08-2020 - 17:37 06-09-2019 - 22:15
CVE-2019-19462 4.9
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
04-08-2020 - 21:15 30-11-2019 - 01:15
CVE-2020-12770 4.6
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
29-07-2020 - 19:15 09-05-2020 - 21:15
CVE-2020-10711 4.3
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the
29-07-2020 - 19:15 22-05-2020 - 15:15
CVE-2020-10751 3.6
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the
15-07-2020 - 19:15 26-05-2020 - 15:15
CVE-2020-12464 7.2
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
22-06-2020 - 22:15 29-04-2020 - 18:15
CVE-2019-20806 2.1
An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75.
19-06-2020 - 11:15 27-05-2020 - 12:15
CVE-2020-12654 4.3
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
16-06-2020 - 20:15 05-05-2020 - 05:15
CVE-2020-12652 4.7
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76
13-06-2020 - 09:15 05-05-2020 - 05:15
CVE-2020-12653 4.6
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer ov
13-06-2020 - 09:15 05-05-2020 - 06:15
CVE-2020-11609 4.9
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer derefer
13-06-2020 - 09:15 07-04-2020 - 17:15
CVE-2020-11608 4.9
An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.
13-06-2020 - 09:15 07-04-2020 - 14:15
CVE-2020-8649 3.6
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
10-06-2020 - 20:15 06-02-2020 - 01:15
CVE-2019-5108 3.3
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has c
10-06-2020 - 20:15 23-12-2019 - 19:15
CVE-2020-8428 3.6
fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may
10-06-2020 - 20:15 29-01-2020 - 00:15
CVE-2019-19768 5.0
In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).
10-06-2020 - 20:15 12-12-2019 - 20:15
CVE-2020-8647 3.6
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
10-06-2020 - 20:15 06-02-2020 - 01:15
CVE-2020-2732 2.3
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that shou
10-06-2020 - 20:15 08-04-2020 - 22:15
CVE-2020-11565 3.6
** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone
10-06-2020 - 20:15 06-04-2020 - 01:15
CVE-2020-11668 5.6
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
10-06-2020 - 20:15 09-04-2020 - 21:15
CVE-2020-10942 5.4
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
10-06-2020 - 20:15 24-03-2020 - 22:15
Back to Top Mark selected
Back to Top