Max CVSS | 7.2 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-11565 | 3.6 |
An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security
|
04-08-2024 - 12:15 | 06-04-2020 - 01:15 | |
CVE-2020-10757 | 6.9 |
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
|
19-01-2024 - 17:51 | 09-06-2020 - 13:15 | |
CVE-2020-12464 | 7.2 |
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
|
12-10-2023 - 14:10 | 29-04-2020 - 18:15 | |
CVE-2020-12770 | 4.6 |
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
|
01-03-2023 - 03:07 | 09-05-2020 - 21:15 | |
CVE-2020-10751 | 3.6 |
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the
|
12-02-2023 - 23:39 | 26-05-2020 - 15:15 | |
CVE-2019-20811 | 2.1 |
An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.
|
20-01-2023 - 18:37 | 03-06-2020 - 03:15 | |
CVE-2020-13143 | 4.3 |
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753
|
29-10-2022 - 02:36 | 18-05-2020 - 18:15 | |
CVE-2020-9383 | 3.6 |
An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
|
29-10-2022 - 02:34 | 25-02-2020 - 16:15 | |
CVE-2020-8648 | 3.6 |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
|
28-07-2022 - 00:08 | 06-02-2020 - 01:15 | |
CVE-2019-5108 | 3.3 |
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has c
|
17-06-2022 - 13:18 | 23-12-2019 - 19:15 | |
CVE-2020-11494 | 2.1 |
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configurati
|
29-04-2022 - 13:26 | 02-04-2020 - 21:15 | |
CVE-2020-12653 | 4.6 |
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer ov
|
26-04-2022 - 17:37 | 05-05-2020 - 06:15 | |
CVE-2020-10942 | 5.4 |
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
|
22-04-2022 - 19:06 | 24-03-2020 - 22:15 | |
CVE-2020-10711 | 4.3 |
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the
|
22-04-2022 - 18:53 | 22-05-2020 - 15:15 | |
CVE-2020-8647 | 3.6 |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
|
30-12-2021 - 20:50 | 06-02-2020 - 01:15 | |
CVE-2020-8649 | 3.6 |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
|
30-12-2021 - 20:44 | 06-02-2020 - 01:15 | |
CVE-2020-12114 | 1.9 |
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a m
|
14-06-2021 - 18:15 | 04-05-2020 - 12:15 | |
CVE-2019-19319 | 4.4 |
In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a mem
|
09-02-2021 - 19:15 | 27-11-2019 - 23:15 | |
CVE-2019-19462 | 4.9 |
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
|
29-01-2021 - 16:32 | 30-11-2019 - 01:15 | |
CVE-2020-8648 | 3.6 |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
|
24-09-2020 - 12:15 | 06-02-2020 - 01:15 | |
CVE-2019-20811 | 2.1 |
An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.
|
23-09-2020 - 20:15 | 03-06-2020 - 03:15 | |
CVE-2019-2182 | 4.6 |
In the Android kernel in the kernel MMU code there is a possible execution path leaving some kernel text and rodata pages writable. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n
|
24-08-2020 - 17:37 | 06-09-2019 - 22:15 | |
CVE-2019-20806 | 2.1 |
An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75.
|
19-06-2020 - 11:15 | 27-05-2020 - 12:15 | |
CVE-2020-12654 | 4.3 |
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
|
16-06-2020 - 20:15 | 05-05-2020 - 05:15 | |
CVE-2020-12652 | 4.7 |
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76
|
13-06-2020 - 09:15 | 05-05-2020 - 05:15 | |
CVE-2020-11609 | 4.9 |
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer derefer
|
13-06-2020 - 09:15 | 07-04-2020 - 17:15 | |
CVE-2020-11608 | 4.9 |
An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.
|
13-06-2020 - 09:15 | 07-04-2020 - 14:15 | |
CVE-2020-8428 | 3.6 |
fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may
|
10-06-2020 - 20:15 | 29-01-2020 - 00:15 | |
CVE-2019-19768 | 5.0 |
In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).
|
10-06-2020 - 20:15 | 12-12-2019 - 20:15 | |
CVE-2020-2732 | 2.3 |
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that shou
|
10-06-2020 - 20:15 | 08-04-2020 - 22:15 | |
CVE-2020-11668 | 5.6 |
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
|
10-06-2020 - 20:15 | 09-04-2020 - 21:15 |