Max CVSS 9.3 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-3900 6.8
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest
12-02-2023 - 23:38 25-04-2019 - 15:29
CVE-2019-3882 4.9
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of th
12-02-2023 - 23:38 24-04-2019 - 16:29
CVE-2017-18509 7.2
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbi
07-02-2023 - 22:01 13-08-2019 - 14:15
CVE-2018-20836 9.3
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
03-11-2022 - 02:22 07-05-2019 - 14:29
CVE-2019-10639 5.0
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the
14-06-2021 - 18:15 05-07-2019 - 23:15
CVE-2019-10638 4.3
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to
14-06-2021 - 18:15 05-07-2019 - 23:15
CVE-2015-8553 2.1
Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.
13-08-2019 - 23:15 13-04-2016 - 15:59
CVE-2018-20856 4.6
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.
13-08-2019 - 19:15 26-07-2019 - 05:15
CVE-2019-14283 4.6
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk h
11-08-2019 - 23:15 26-07-2019 - 13:15
CVE-2019-14284 2.1
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make
11-08-2019 - 23:15 26-07-2019 - 13:15
CVE-2019-13648 4.9
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal
30-07-2019 - 12:15 19-07-2019 - 13:15
CVE-2019-13631 4.6
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
26-07-2019 - 03:15 17-07-2019 - 19:15
CVE-2018-5995 2.1
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.
28-05-2019 - 19:29 07-08-2018 - 18:29
Back to Top Mark selected
Back to Top