Max CVSS 9.3 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-19448 6.8
In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer
03-10-2023 - 15:39 08-12-2019 - 02:15
CVE-2020-14356 7.2
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.
24-02-2023 - 18:42 19-08-2020 - 15:15
CVE-2020-14386 7.2
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
24-02-2023 - 18:42 16-09-2020 - 13:15
CVE-2020-14331 7.2
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local us
12-02-2023 - 23:40 15-09-2020 - 19:15
CVE-2019-3874 3.3
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
12-02-2023 - 23:38 25-03-2019 - 19:29
CVE-2019-19816 9.3
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandl
19-01-2023 - 16:05 17-12-2019 - 06:15
CVE-2020-14385 4.7
A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, o
06-12-2022 - 21:31 15-09-2020 - 22:15
CVE-2020-12888 4.7
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
14-11-2022 - 19:44 15-05-2020 - 18:15
CVE-2020-10781 4.9
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates
07-11-2022 - 20:16 16-09-2020 - 13:15
CVE-2020-14314 2.1
A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The high
25-10-2022 - 17:00 15-09-2020 - 20:15
CVE-2020-25284 1.9
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.
28-04-2022 - 18:32 13-09-2020 - 18:15
CVE-2020-25212 4.4
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b
28-04-2022 - 18:32 09-09-2020 - 16:15
CVE-2020-25285 4.4
A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.
28-04-2022 - 18:32 13-09-2020 - 18:15
CVE-2020-26088 2.1
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
27-04-2022 - 18:48 24-09-2020 - 15:15
CVE-2020-16166 4.3
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
26-04-2022 - 17:06 30-07-2020 - 21:15
CVE-2019-19813 7.1
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner
12-03-2021 - 16:11 17-12-2019 - 06:15
CVE-2019-3874 3.3
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
28-09-2020 - 16:15 25-03-2019 - 19:29
CVE-2019-19816 9.3
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandl
28-09-2020 - 16:15 17-12-2019 - 06:15
CVE-2019-19813 7.1
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner
28-09-2020 - 16:15 17-12-2019 - 06:15
CVE-2019-19448 6.8
In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer
28-09-2020 - 16:15 08-12-2019 - 02:15
CVE-2020-26088 5.0
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
28-09-2020 - 16:15 24-09-2020 - 15:15
CVE-2020-14331 7.2
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local us
28-09-2020 - 16:15 15-09-2020 - 19:15
CVE-2020-25212 4.4
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b
28-09-2020 - 16:15 09-09-2020 - 16:15
CVE-2020-16166 4.3
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
28-09-2020 - 16:15 30-07-2020 - 21:15
CVE-2020-14314 2.1
A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The high
28-09-2020 - 16:15 15-09-2020 - 20:15
CVE-2020-25285 4.4
A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.
28-09-2020 - 16:15 13-09-2020 - 18:15
CVE-2020-14385 4.7
A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, o
28-09-2020 - 16:15 15-09-2020 - 22:15
CVE-2020-12888 4.7
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
28-09-2020 - 16:15 15-05-2020 - 18:15
CVE-2020-25284 2.1
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.
28-09-2020 - 16:15 13-09-2020 - 18:15
CVE-2020-14386 7.2
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
28-09-2020 - 16:15 16-09-2020 - 13:15
CVE-2020-14356 7.2
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.
28-09-2020 - 16:15 19-08-2020 - 15:15
CVE-2020-10781 4.9
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates
28-09-2020 - 16:15 16-09-2020 - 13:15
CVE-2020-26088 5.0
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
28-09-2020 - 16:15 24-09-2020 - 15:15
Back to Top Mark selected
Back to Top