Max CVSS 10.0 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-12888 4.7
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
02-11-2020 - 21:15 15-05-2020 - 18:15
CVE-2019-11479 5.0
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial
20-10-2020 - 22:15 19-06-2019 - 00:15
CVE-2019-3900 6.8
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest
16-10-2020 - 17:53 25-04-2019 - 15:29
CVE-2019-7221 4.6
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
15-10-2020 - 13:28 21-03-2019 - 16:01
CVE-2018-9568 7.2
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi
15-10-2020 - 13:28 06-12-2018 - 14:29
CVE-2019-14835 7.2
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descript
15-10-2020 - 13:28 17-09-2019 - 16:15
CVE-2020-12888 4.7
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
28-09-2020 - 16:15 15-05-2020 - 18:15
CVE-2020-10720 4.9
A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
10-09-2020 - 14:46 03-09-2020 - 18:15
CVE-2018-3639 4.9
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access vi
02-09-2020 - 21:15 22-05-2018 - 12:29
CVE-2014-2038 2.1
The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from ke
26-08-2020 - 13:34 28-02-2014 - 06:18
CVE-2014-2523 10.0
net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that tri
25-08-2020 - 13:55 24-03-2014 - 16:40
CVE-2019-5489 2.1
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this af
24-08-2020 - 17:37 07-01-2019 - 17:29
CVE-2018-7566 4.6
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
24-08-2020 - 17:37 30-03-2018 - 21:29
CVE-2019-13272 7.2
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with
24-08-2020 - 17:37 17-07-2019 - 13:15
CVE-2019-11135 2.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
24-08-2020 - 17:37 14-11-2019 - 19:15
CVE-2019-11091 4.7
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
24-08-2020 - 17:37 30-05-2019 - 16:29
CVE-2019-11810 7.8
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a
24-08-2020 - 17:37 07-05-2019 - 14:29
CVE-2020-15780 7.2
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
21-08-2020 - 06:15 15-07-2020 - 22:15
CVE-2014-0196 6.9
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or
19-08-2020 - 19:40 07-05-2014 - 10:55
CVE-2014-3145 4.9
The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read
19-08-2020 - 19:20 11-05-2014 - 21:55
CVE-2019-15239 7.2
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue tha
18-08-2020 - 15:05 20-08-2019 - 08:15
CVE-2014-9322 7.2
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access t
14-08-2020 - 18:23 17-12-2014 - 11:59
CVE-2014-4943 6.9
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
14-08-2020 - 18:09 19-07-2014 - 19:55
CVE-2014-4667 5.0
The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.
14-08-2020 - 18:02 03-07-2014 - 04:22
CVE-2010-3904 7.2
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privile
14-08-2020 - 15:24 06-12-2010 - 20:13
CVE-2014-8369 4.6
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or p
13-08-2020 - 19:37 10-11-2014 - 11:55
CVE-2014-3646 4.7
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
13-08-2020 - 19:34 10-11-2014 - 11:55
CVE-2014-5077 7.1
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an assoc
13-08-2020 - 16:27 01-08-2014 - 11:13
CVE-2010-4668 4.7
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: th
12-08-2020 - 19:37 03-01-2011 - 20:00
CVE-2010-4243 4.9
fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a cr
12-08-2020 - 16:23 22-01-2011 - 22:00
CVE-2011-1573 4.3
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attacke
04-08-2020 - 17:50 02-02-2012 - 04:09
CVE-2011-1478 5.7
The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of servic
03-08-2020 - 15:00 23-10-2011 - 10:55
CVE-2011-2695 4.9
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number c
31-07-2020 - 19:59 28-07-2011 - 22:55
CVE-2012-3552 7.1
Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of n
31-07-2020 - 11:33 03-10-2012 - 11:02
CVE-2011-2918 4.9
The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.
31-07-2020 - 10:19 24-05-2012 - 23:55
CVE-2012-0207 7.8
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
30-07-2020 - 19:39 17-05-2012 - 11:00
CVE-2020-10711 4.3
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the
29-07-2020 - 19:15 22-05-2020 - 15:15
CVE-2011-1581 9.0
The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue
29-07-2020 - 16:26 26-05-2011 - 16:55
CVE-2011-4326 7.1
The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv
28-07-2020 - 12:59 17-05-2012 - 11:00
CVE-2011-4621 4.9
The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop.
27-07-2020 - 23:15 17-05-2012 - 11:00
CVE-2012-1097 7.2
The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other
27-07-2020 - 20:14 17-05-2012 - 11:00
CVE-2011-1771 4.4
The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to
27-07-2020 - 20:13 06-09-2011 - 16:55
CVE-2011-2479 4.9
The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (system crash) via a crafted application.
27-07-2020 - 19:56 01-03-2013 - 12:37
CVE-2019-19338 2.1
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a hos
21-07-2020 - 17:17 13-07-2020 - 17:15
CVE-2018-3665 4.7
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
15-07-2020 - 03:15 21-06-2018 - 20:29
CVE-2020-12654 4.3
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
16-06-2020 - 20:15 05-05-2020 - 05:15
CVE-2020-12657 4.6
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.
13-06-2020 - 09:15 05-05-2020 - 07:15
CVE-2020-2732 2.3
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that shou
10-06-2020 - 20:15 08-04-2020 - 22:15
CVE-2017-1000251 7.7
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remot
03-06-2020 - 19:00 12-09-2017 - 17:29
CVE-2019-11811 6.9
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and
06-05-2020 - 15:14 07-05-2019 - 14:29
CVE-2019-19527 7.2
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
02-03-2020 - 20:15 03-12-2019 - 16:15
CVE-2016-5195 7.2
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc
17-02-2020 - 16:15 10-11-2016 - 21:59
CVE-2020-7053 4.6
In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is relate
30-01-2020 - 16:15 14-01-2020 - 21:15
CVE-2019-0155 7.2
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G390
30-01-2020 - 11:15 14-11-2019 - 19:15
CVE-2019-9500 7.9
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an h
29-01-2020 - 15:19 16-01-2020 - 21:15
CVE-2019-9503 7.9
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will c
29-01-2020 - 15:17 16-01-2020 - 21:15
CVE-2019-18660 1.9
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.
28-01-2020 - 19:47 27-11-2019 - 23:15
CVE-2019-14896 10.0
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join
03-01-2020 - 11:15 27-11-2019 - 09:15
CVE-2016-6198 4.9
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related t
27-12-2019 - 16:08 06-08-2016 - 20:59
CVE-2016-4470 4.9
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a craft
27-12-2019 - 16:08 27-06-2016 - 10:59
CVE-2019-17133 7.5
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
28-10-2019 - 02:15 04-10-2019 - 12:15
CVE-2019-17666 8.3
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
24-10-2019 - 19:15 17-10-2019 - 02:15
CVE-2018-14646 4.9
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assi
09-10-2019 - 23:35 26-11-2018 - 19:29
CVE-2018-10902 4.6
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmi
09-10-2019 - 23:33 21-08-2018 - 19:29
CVE-2017-7518 4.6
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/pr
09-10-2019 - 23:29 30-07-2018 - 15:29
CVE-2017-7558 5.0
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in
09-10-2019 - 23:29 26-07-2018 - 15:29
CVE-2017-6214 5.0
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
03-10-2019 - 00:03 23-02-2017 - 17:59
CVE-2018-8897 7.2
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that
03-10-2019 - 00:03 08-05-2018 - 18:29
CVE-2017-7472 4.9
The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.
03-10-2019 - 00:03 11-05-2017 - 19:29
CVE-2017-7895 10.0
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted reque
03-10-2019 - 00:03 28-04-2017 - 10:59
CVE-2017-5551 3.6
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid pro
03-10-2019 - 00:03 06-02-2017 - 06:59
CVE-2018-16597 4.9
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
03-10-2019 - 00:03 21-09-2018 - 16:29
CVE-2018-13405 4.6
The inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a me
03-10-2019 - 00:03 06-07-2018 - 14:29
CVE-2017-1000379 7.2
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
03-10-2019 - 00:03 19-06-2017 - 16:29
CVE-2019-9456 4.6
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation
24-09-2019 - 15:15 06-09-2019 - 22:15
CVE-2019-14821 7.2
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wher
24-09-2019 - 03:15 19-09-2019 - 18:15
CVE-2019-9506 4.8
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha
28-08-2019 - 11:15 14-08-2019 - 17:15
CVE-2019-3896 7.2
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
01-07-2019 - 20:15 19-06-2019 - 00:15
CVE-2019-9213 4.9
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check
17-06-2019 - 21:15 05-03-2019 - 22:29
CVE-2018-18559 6.8
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a ra
14-05-2019 - 23:29 22-10-2018 - 16:29
CVE-2013-6368 6.2
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
22-04-2019 - 17:48 14-12-2013 - 18:08
CVE-2015-3636 4.9
The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and sy
22-04-2019 - 17:48 06-08-2015 - 01:59
CVE-2013-3301 7.2
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write acce
22-04-2019 - 17:48 29-04-2013 - 14:55
CVE-2014-3153 7.2
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe wai
22-04-2019 - 17:48 07-06-2014 - 14:55
CVE-2014-3917 3.3
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a lar
22-04-2019 - 17:48 05-06-2014 - 17:55
CVE-2013-4299 6.0
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.
22-04-2019 - 17:48 24-10-2013 - 10:53
CVE-2013-2188 4.7
A certain Red Hat patch to the do_filp_open function in fs/namei.c in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle failure to obtain write permissions, which allows local users to cause a
22-04-2019 - 17:48 16-07-2013 - 14:08
CVE-2013-0311 6.5
The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges. Per https://access.
22-04-2019 - 17:48 22-02-2013 - 00:55
CVE-2011-0714 5.7
Use-after-free vulnerability in a certain Red Hat patch for the RPC server sockets functionality in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 might allow remote attackers to cause a denial of service (crash) via malformed data in a
22-04-2019 - 17:48 04-05-2011 - 22:55
CVE-2018-5803 4.9
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
27-03-2019 - 16:17 12-06-2018 - 16:29
CVE-2018-5391 7.8
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments
21-03-2019 - 16:00 06-09-2018 - 21:29
CVE-2018-14634 7.2
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6
21-03-2019 - 16:00 25-09-2018 - 21:29
CVE-2018-6927 4.6
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
06-03-2019 - 21:38 12-02-2018 - 19:29
CVE-2018-8781 7.2
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissi
28-02-2019 - 01:03 23-04-2018 - 19:29
CVE-2015-8104 4.7
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
13-02-2019 - 20:52 16-11-2015 - 11:59
CVE-2017-9074 7.2
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly
30-11-2018 - 21:33 19-05-2017 - 07:29
CVE-2015-8767 4.9
net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.
30-08-2018 - 16:53 08-02-2016 - 03:59
CVE-2016-9555 10.0
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified
13-08-2018 - 21:47 28-11-2016 - 03:59
CVE-2017-6074 7.2
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double
19-07-2018 - 01:29 18-02-2017 - 21:59
CVE-2017-14106 4.9
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code pat
13-07-2018 - 01:29 01-09-2017 - 16:29
CVE-2017-7308 7.2
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or
20-06-2018 - 01:29 29-03-2017 - 20:59
CVE-2017-12192 4.9
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial
16-03-2018 - 01:29 12-10-2017 - 00:29
CVE-2012-0056 6.9
The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipp
18-01-2018 - 02:29 27-01-2012 - 15:55
CVE-2017-7533 6.9
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_han
05-01-2018 - 02:31 05-08-2017 - 16:29
CVE-2017-9242 4.9
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via craft
05-01-2018 - 02:31 27-05-2017 - 01:29
CVE-2016-5829 7.2
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOC
05-01-2018 - 02:31 27-06-2016 - 10:59
CVE-2016-5696 5.8
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
05-01-2018 - 02:31 06-08-2016 - 20:59
CVE-2016-7117 10.0
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
05-01-2018 - 02:31 10-10-2016 - 11:00
CVE-2016-9084 4.6
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device fil
05-01-2018 - 02:31 28-11-2016 - 03:59
CVE-2016-8666 7.8
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrat
05-01-2018 - 02:31 16-10-2016 - 21:59
CVE-2017-2636 7.2
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
05-01-2018 - 02:31 07-03-2017 - 22:59
CVE-2016-4565 7.2
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI int
05-01-2018 - 02:30 23-05-2016 - 10:59
CVE-2015-3331 9.3
The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of serv
05-01-2018 - 02:30 27-05-2015 - 10:59
CVE-2016-3841 7.2
The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.
05-01-2018 - 02:30 06-08-2016 - 20:59
CVE-2015-5366 5.0
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect chec
05-01-2018 - 02:30 31-08-2015 - 10:59
CVE-2016-2143 6.9
The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted appli
05-01-2018 - 02:30 27-04-2016 - 17:59
CVE-2016-3044 4.9
The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.
05-01-2018 - 02:30 01-12-2016 - 11:59
CVE-2015-2830 1.9
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the
05-01-2018 - 02:30 27-05-2015 - 10:59
CVE-2012-1601 4.9
The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.
05-01-2018 - 02:29 17-05-2012 - 11:00
CVE-2015-1421 10.0
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by tri
05-01-2018 - 02:29 16-03-2015 - 10:59
CVE-2011-4131 4.6
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
29-12-2017 - 02:29 17-05-2012 - 11:00
CVE-2013-7265 4.9
The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from ke
16-12-2017 - 02:29 06-01-2014 - 16:55
CVE-2017-1000253 7.2
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4f
09-12-2017 - 02:29 05-10-2017 - 01:29
CVE-2017-7541 7.2
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a
08-12-2017 - 02:29 25-07-2017 - 04:29
CVE-2017-1000380 2.1
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed
06-12-2017 - 02:29 17-06-2017 - 18:29
CVE-2016-0728 7.2
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and us
10-11-2017 - 02:29 08-02-2016 - 03:59
CVE-2015-5156 6.1
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corrup
04-11-2017 - 01:29 19-10-2015 - 10:59
CVE-2015-7872 2.1
The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
20-01-2017 - 02:59 16-11-2015 - 11:59
CVE-2013-2094 7.2
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
07-01-2017 - 02:59 14-05-2013 - 20:55
CVE-2014-7841 5.0
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malf
03-01-2017 - 02:59 30-11-2014 - 01:59
CVE-2015-3339 6.2
Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but t
31-12-2016 - 02:59 27-05-2015 - 10:59
CVE-2016-0774 5.6
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do
03-12-2016 - 03:18 27-04-2016 - 17:59
CVE-2014-6410 4.7
The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UD
23-08-2016 - 02:08 28-09-2014 - 10:55
CVE-2012-2383 4.9
Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (
23-08-2016 - 02:05 13-06-2012 - 10:24
CVE-2012-2373 4.0
The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that t
23-08-2016 - 02:05 09-08-2012 - 10:29
CVE-2011-4110 2.1
The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a
23-08-2016 - 02:04 27-01-2012 - 15:55
CVE-2015-0274 7.2
The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges
27-03-2015 - 01:59 16-03-2015 - 10:59
CVE-2013-4592 4.0
Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service (memory consumption) by leveraging certain device access to trigger movement of memory slots.
06-03-2014 - 04:47 20-11-2013 - 13:19
CVE-2013-2237 2.1
The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message fr
07-02-2014 - 04:46 04-07-2013 - 21:55
CVE-2012-3511 6.2
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call. The
24-10-2013 - 03:40 04-10-2012 - 03:28
CVE-2013-0268 6.2
The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.
22-08-2013 - 06:48 18-02-2013 - 04:41
CVE-2012-3412 7.8
The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.
17-08-2013 - 06:46 03-10-2012 - 11:02
CVE-2013-0871 6.9
Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.
21-06-2013 - 03:16 18-02-2013 - 04:41
CVE-2012-5517 4.0
The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by us
21-06-2013 - 03:14 21-12-2012 - 11:47
CVE-2013-1827 6.2
net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsoc
05-06-2013 - 03:42 22-03-2013 - 11:59
CVE-2012-4530 2.1
The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
05-06-2013 - 03:38 18-02-2013 - 04:41
CVE-2012-2745 4.7
The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork s
19-04-2013 - 03:22 09-08-2012 - 10:29
Back to Top Mark selected
Back to Top