Max CVSS 10.0 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-1000253 7.2
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4f
11-09-2024 - 11:12 05-10-2017 - 01:29
CVE-2019-13272 7.2
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with
24-07-2024 - 16:51 17-07-2019 - 13:15
CVE-2016-5195 7.2
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc
24-07-2024 - 14:27 10-11-2016 - 21:59
CVE-2014-3153 7.2
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe wai
02-07-2024 - 12:17 07-06-2014 - 14:55
CVE-2019-3900 6.8
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest
26-04-2024 - 16:08 25-04-2019 - 15:29
CVE-2016-2143 6.9
The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted appli
14-03-2024 - 19:59 27-04-2016 - 17:59
CVE-2019-14821 7.2
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wher
16-02-2024 - 18:44 19-09-2019 - 18:15
CVE-2015-0274 7.2
The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges
15-02-2024 - 18:55 16-03-2015 - 10:59
CVE-2014-0196 6.9
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or
09-02-2024 - 19:24 07-05-2014 - 10:55
CVE-2014-4943 6.9
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
19-01-2024 - 17:50 19-07-2014 - 19:55
CVE-2019-14835 7.2
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descript
15-12-2023 - 15:29 17-09-2019 - 16:15
CVE-2015-8104 4.7
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
10-10-2023 - 15:15 16-11-2015 - 11:59
CVE-2019-11479 5.0
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial
16-08-2023 - 14:17 19-06-2019 - 00:15
CVE-2019-11811 6.9
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and
11-08-2023 - 19:54 07-05-2019 - 14:29
CVE-2019-19527 7.2
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
04-08-2023 - 17:50 03-12-2019 - 16:15
CVE-2017-7533 6.9
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_han
21-06-2023 - 15:57 05-08-2017 - 16:29
CVE-2014-5077 7.1
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an assoc
19-05-2023 - 16:50 01-08-2014 - 11:13
CVE-2018-18559 6.8
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a ra
16-05-2023 - 11:14 22-10-2018 - 16:29
CVE-2020-25643 7.5
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial
16-05-2023 - 10:48 06-10-2020 - 14:15
CVE-2018-8781 7.2
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissi
03-03-2023 - 19:22 23-04-2018 - 19:29
CVE-2018-9568 7.2
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi
24-02-2023 - 18:43 06-12-2018 - 14:29
CVE-2017-2636 6.9
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
24-02-2023 - 18:43 07-03-2017 - 22:59
CVE-2020-14386 7.2
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
24-02-2023 - 18:42 16-09-2020 - 13:15
CVE-2017-9074 7.2
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly
24-02-2023 - 18:40 19-05-2017 - 07:29
CVE-2017-7541 7.2
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a
14-02-2023 - 21:37 25-07-2017 - 04:29
CVE-2017-7308 7.2
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or
14-02-2023 - 18:32 29-03-2017 - 20:59
CVE-2018-14634 7.2
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6
13-02-2023 - 04:51 25-09-2018 - 21:29
CVE-2013-6368 6.2
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
13-02-2023 - 04:49 14-12-2013 - 18:08
CVE-2013-4592 4.0
Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service (memory consumption) by leveraging certain device access to trigger movement of memory slots.
13-02-2023 - 04:49 20-11-2013 - 13:19
CVE-2015-7872 2.1
The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
13-02-2023 - 00:55 16-11-2015 - 11:59
CVE-2014-7841 5.0
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malf
13-02-2023 - 00:42 30-11-2014 - 01:59
CVE-2014-3646 4.7
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
13-02-2023 - 00:41 10-11-2014 - 11:55
CVE-2014-3145 4.9
The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read
13-02-2023 - 00:39 11-05-2014 - 21:55
CVE-2014-2038 2.1
The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from ke
13-02-2023 - 00:38 28-02-2014 - 06:18
CVE-2020-25662 3.3
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent rang
12-02-2023 - 23:40 05-11-2020 - 21:15
CVE-2020-14331 7.2
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local us
12-02-2023 - 23:40 15-09-2020 - 19:15
CVE-2019-3896 7.2
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
12-02-2023 - 23:38 19-06-2019 - 00:15
CVE-2019-14896 10.0
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join
12-02-2023 - 23:36 27-11-2019 - 09:15
CVE-2017-7558 5.0
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in
12-02-2023 - 23:31 26-07-2018 - 15:29
CVE-2018-10902 4.6
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmi
12-02-2023 - 23:31 21-08-2018 - 19:29
CVE-2017-7472 4.9
The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.
12-02-2023 - 23:30 11-05-2017 - 19:29
CVE-2017-12192 4.9
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial
12-02-2023 - 23:28 12-10-2017 - 00:29
CVE-2016-4470 4.9
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a craft
12-02-2023 - 23:21 27-06-2016 - 10:59
CVE-2015-5156 6.1
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corrup
12-02-2023 - 23:15 19-10-2015 - 10:59
CVE-2016-0728 7.2
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and us
12-02-2023 - 23:15 08-02-2016 - 03:59
CVE-2017-6074 7.2
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double
10-02-2023 - 00:53 18-02-2017 - 21:59
CVE-2014-2523 10.0
net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that tri
19-01-2023 - 16:26 24-03-2014 - 16:40
CVE-2017-7895 10.0
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted reque
19-01-2023 - 16:13 28-04-2017 - 10:59
CVE-2016-9555 10.0
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified
19-01-2023 - 16:13 28-11-2016 - 03:59
CVE-2016-7117 10.0
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
19-01-2023 - 16:13 10-10-2016 - 11:00
CVE-2015-3331 9.3
The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of serv
19-01-2023 - 16:06 27-05-2015 - 10:59
CVE-2019-17666 8.3
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
19-01-2023 - 16:05 17-10-2019 - 02:15
CVE-2019-9500 7.9
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an h
19-01-2023 - 15:53 16-01-2020 - 21:15
CVE-2017-1000251 7.7
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remot
19-01-2023 - 15:53 12-09-2017 - 17:29
CVE-2016-4565 7.2
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI int
17-01-2023 - 21:40 23-05-2016 - 10:59
CVE-2016-8666 7.8
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrat
17-01-2023 - 21:36 16-10-2016 - 21:59
CVE-2014-9322 7.2
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access t
17-01-2023 - 21:29 17-12-2014 - 11:59
CVE-2016-5829 7.2
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOC
17-01-2023 - 21:16 27-06-2016 - 10:59
CVE-2017-1000379 7.2
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
17-01-2023 - 21:03 19-06-2017 - 16:29
CVE-2018-5391 7.8
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments
28-12-2022 - 18:07 06-09-2018 - 21:29
CVE-2019-11810 7.8
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a
02-12-2022 - 19:46 07-05-2019 - 14:29
CVE-2020-25211 3.6
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_connt
16-11-2022 - 15:08 09-09-2020 - 16:15
CVE-2020-12888 4.7
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
14-11-2022 - 19:44 15-05-2020 - 18:15
CVE-2015-1421 10.0
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by tri
03-11-2022 - 20:23 16-03-2015 - 10:59
CVE-2019-17133 7.5
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
03-11-2022 - 02:41 04-10-2019 - 12:15
CVE-2020-9383 3.6
An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
29-10-2022 - 02:34 25-02-2020 - 16:15
CVE-2019-9456 4.6
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation
14-10-2022 - 01:39 06-09-2019 - 22:15
CVE-2019-9213 4.9
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check
12-10-2022 - 15:56 05-03-2019 - 22:29
CVE-2019-11135 2.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
07-10-2022 - 15:03 14-11-2019 - 19:15
CVE-2020-12352 3.3
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
12-08-2022 - 18:28 23-11-2020 - 17:15
CVE-2020-15780 7.2
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
27-04-2022 - 15:44 15-07-2020 - 22:15
CVE-2020-16166 4.3
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
26-04-2022 - 17:06 30-07-2020 - 21:15
CVE-2019-0155 7.2
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G390
22-04-2022 - 19:57 14-11-2019 - 19:15
CVE-2020-10711 4.3
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the
22-04-2022 - 18:53 22-05-2020 - 15:15
CVE-2019-9503 7.9
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will c
18-04-2022 - 18:09 16-01-2020 - 21:15
CVE-2018-13405 4.6
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a memb
06-04-2022 - 15:28 06-07-2018 - 14:29
CVE-2020-8649 3.6
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
30-12-2021 - 20:44 06-02-2020 - 01:15
CVE-2016-5696 5.8
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
17-11-2021 - 22:15 06-08-2016 - 20:59
CVE-2019-9506 4.8
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha
04-11-2021 - 15:58 14-08-2019 - 17:15
CVE-2018-3639 2.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access vi
13-08-2021 - 15:26 22-05-2018 - 12:29
CVE-2014-3917 3.3
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a lar
15-07-2021 - 19:16 05-06-2014 - 17:55
CVE-2018-3665 4.7
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
09-06-2021 - 16:24 21-06-2018 - 20:29
CVE-2014-4508 4.7
arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscal
12-11-2020 - 22:15 23-06-2014 - 11:21
CVE-2019-7221 4.6
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
15-10-2020 - 13:28 21-03-2019 - 16:01
CVE-2020-14331 7.2
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local us
28-09-2020 - 16:15 15-09-2020 - 19:15
CVE-2020-16166 4.3
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
28-09-2020 - 16:15 30-07-2020 - 21:15
CVE-2020-12888 4.7
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
28-09-2020 - 16:15 15-05-2020 - 18:15
CVE-2020-14386 7.2
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
28-09-2020 - 16:15 16-09-2020 - 13:15
CVE-2020-10720 4.9
A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
10-09-2020 - 14:46 03-09-2020 - 18:15
CVE-2019-5489 2.1
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this af
24-08-2020 - 17:37 07-01-2019 - 17:29
CVE-2018-7566 4.6
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
24-08-2020 - 17:37 30-03-2018 - 21:29
CVE-2019-11091 4.7
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
24-08-2020 - 17:37 30-05-2019 - 16:29
CVE-2019-15239 7.2
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue tha
18-08-2020 - 15:05 20-08-2019 - 08:15
CVE-2014-4667 5.0
The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.
14-08-2020 - 18:02 03-07-2014 - 04:22
CVE-2014-8369 4.6
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or p
13-08-2020 - 19:37 10-11-2014 - 11:55
CVE-2019-19338 2.1
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a hos
21-07-2020 - 17:17 13-07-2020 - 17:15
CVE-2020-12654 4.3
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
16-06-2020 - 20:15 05-05-2020 - 05:15
CVE-2020-12657 4.6
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.
13-06-2020 - 09:15 05-05-2020 - 07:15
CVE-2020-2732 2.3
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that shou
10-06-2020 - 20:15 08-04-2020 - 22:15
CVE-2020-7053 4.6
In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is relate
30-01-2020 - 16:15 14-01-2020 - 21:15
CVE-2019-18660 1.9
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.
28-01-2020 - 19:47 27-11-2019 - 23:15
CVE-2016-6198 4.9
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related t
27-12-2019 - 16:08 06-08-2016 - 20:59
CVE-2018-14646 4.9
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assi
09-10-2019 - 23:35 26-11-2018 - 19:29
CVE-2017-7518 4.6
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/pr
09-10-2019 - 23:29 30-07-2018 - 15:29
CVE-2017-6214 5.0
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
03-10-2019 - 00:03 23-02-2017 - 17:59
CVE-2018-8897 7.2
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that
03-10-2019 - 00:03 08-05-2018 - 18:29
CVE-2017-5551 3.6
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid pro
03-10-2019 - 00:03 06-02-2017 - 06:59
CVE-2018-16597 4.9
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
03-10-2019 - 00:03 21-09-2018 - 16:29
CVE-2015-3636 4.9
The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and sy
22-04-2019 - 17:48 06-08-2015 - 01:59
CVE-2018-5803 4.9
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
27-03-2019 - 16:17 12-06-2018 - 16:29
CVE-2018-6927 4.6
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
06-03-2019 - 21:38 12-02-2018 - 19:29
CVE-2015-8767 4.9
net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.
30-08-2018 - 16:53 08-02-2016 - 03:59
CVE-2017-14106 4.9
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code pat
13-07-2018 - 01:29 01-09-2017 - 16:29
CVE-2017-9242 4.9
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via craft
05-01-2018 - 02:31 27-05-2017 - 01:29
CVE-2016-9084 4.6
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device fil
05-01-2018 - 02:31 28-11-2016 - 03:59
CVE-2016-3841 7.2
The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.
05-01-2018 - 02:30 06-08-2016 - 20:59
CVE-2015-5366 5.0
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect chec
05-01-2018 - 02:30 31-08-2015 - 10:59
CVE-2016-3044 4.9
The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.
05-01-2018 - 02:30 01-12-2016 - 11:59
CVE-2015-2830 1.9
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the
05-01-2018 - 02:30 27-05-2015 - 10:59
CVE-2013-7265 4.9
The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from ke
16-12-2017 - 02:29 06-01-2014 - 16:55
CVE-2017-1000380 2.1
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed
06-12-2017 - 02:29 17-06-2017 - 18:29
CVE-2015-3339 6.2
Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but t
31-12-2016 - 02:59 27-05-2015 - 10:59
CVE-2016-0774 5.6
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do
03-12-2016 - 03:18 27-04-2016 - 17:59
CVE-2014-6410 4.7
The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UD
23-08-2016 - 02:08 28-09-2014 - 10:55
Back to Top Mark selected
Back to Top