|Max CVSS||7.8||Min CVSS||2.1||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel a
|24-09-2019 - 20:15||01-02-2019 - 22:29|
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
|20-09-2019 - 14:15||15-02-2019 - 15:29|
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
|10-09-2019 - 22:15||03-12-2018 - 17:29|
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
|06-08-2019 - 17:15||21-03-2019 - 16:01|
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check
|17-06-2019 - 21:15||05-03-2019 - 22:29|
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or loc
|15-06-2019 - 01:29||25-02-2019 - 23:29|
In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.
|15-06-2019 - 01:29||01-04-2019 - 19:29|
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
|15-06-2019 - 01:29||21-03-2019 - 16:01|
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.
|16-05-2019 - 15:29||22-02-2019 - 15:29|
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
|06-05-2019 - 19:24||21-02-2019 - 05:29|
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
|12-04-2019 - 12:29||18-02-2019 - 18:29|