Max CVSS | 7.9 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-12382 | 4.9 |
An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and s
|
05-08-2024 - 00:15 | 28-05-2019 - 03:29 | |
CVE-2017-18595 | 7.2 |
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
|
07-03-2024 - 17:45 | 04-09-2019 - 21:15 | |
CVE-2018-20169 | 7.2 |
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
|
04-03-2024 - 22:59 | 17-12-2018 - 07:29 | |
CVE-2019-3901 | 1.9 |
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target
|
12-02-2023 - 23:38 | 22-04-2019 - 16:29 | |
CVE-2019-15916 | 7.8 |
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
|
17-01-2023 - 21:34 | 04-09-2019 - 15:15 | |
CVE-2020-10711 | 4.3 |
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the
|
22-04-2022 - 18:53 | 22-05-2020 - 15:15 | |
CVE-2019-9503 | 7.9 |
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will c
|
18-04-2022 - 18:09 | 16-01-2020 - 21:15 | |
CVE-2019-10639 | 5.0 |
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the
|
14-06-2021 - 18:15 | 05-07-2019 - 23:15 | |
CVE-2019-19768 | 5.0 |
In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).
|
10-06-2020 - 20:15 | 12-12-2019 - 20:15 | |
CVE-2019-14283 | 4.6 |
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk h
|
11-08-2019 - 23:15 | 26-07-2019 - 13:15 | |
CVE-2019-13233 | 4.4 |
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
|
20-07-2019 - 12:15 | 04-07-2019 - 13:15 | |
CVE-2018-7191 | 4.9 |
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev nam
|
31-05-2019 - 12:29 | 17-05-2019 - 05:29 |