Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-3900 | 6.8 |
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest
|
26-04-2024 - 16:08 | 25-04-2019 - 15:29 | |
CVE-2019-11599 | 6.9 |
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or p
|
15-02-2024 - 15:56 | 29-04-2019 - 18:29 | |
CVE-2019-15292 | 10.0 |
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
|
19-04-2023 - 14:08 | 21-08-2019 - 06:15 | |
CVE-2019-15212 | 4.9 |
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
|
03-03-2023 - 15:35 | 19-08-2019 - 22:15 | |
CVE-2019-15218 | 4.9 |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
|
03-03-2023 - 15:03 | 19-08-2019 - 22:15 | |
CVE-2019-15220 | 4.9 |
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
|
03-03-2023 - 15:01 | 19-08-2019 - 22:15 | |
CVE-2019-15221 | 4.9 |
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
|
03-03-2023 - 15:00 | 19-08-2019 - 22:15 | |
CVE-2019-15216 | 4.9 |
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
|
03-03-2023 - 14:54 | 19-08-2019 - 22:15 | |
CVE-2019-15215 | 4.9 |
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
|
03-03-2023 - 14:50 | 19-08-2019 - 22:15 | |
CVE-2019-15211 | 4.9 |
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
|
01-03-2023 - 02:01 | 19-08-2019 - 22:15 | |
CVE-2019-11487 | 7.2 |
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs
|
24-02-2023 - 18:43 | 23-04-2019 - 22:29 | |
CVE-2019-11810 | 7.8 |
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a
|
02-12-2022 - 19:46 | 07-05-2019 - 14:29 | |
CVE-2019-14763 | 4.9 |
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.
|
18-04-2022 - 16:04 | 07-08-2019 - 22:15 | |
CVE-2019-9506 | 4.8 |
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha
|
04-11-2021 - 15:58 | 14-08-2019 - 17:15 | |
CVE-2019-10639 | 5.0 |
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the
|
14-06-2021 - 18:15 | 05-07-2019 - 23:15 | |
CVE-2019-10638 | 4.3 |
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to
|
14-06-2021 - 18:15 | 05-07-2019 - 23:15 | |
CVE-2018-20784 | 7.5 |
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
|
02-06-2021 - 15:28 | 22-02-2019 - 15:29 | |
CVE-2019-3819 | 4.9 |
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up
|
19-10-2020 - 17:43 | 25-01-2019 - 18:29 | |
CVE-2019-0136 | 3.3 |
Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
|
24-08-2020 - 17:37 | 13-06-2019 - 16:29 | |
CVE-2019-15090 | 4.6 |
An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.
|
05-05-2020 - 16:21 | 16-08-2019 - 00:15 | |
CVE-2019-15214 | 6.9 |
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
|
06-03-2020 - 17:01 | 19-08-2019 - 22:15 | |
CVE-2019-3701 | 4.9 |
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_AD
|
03-09-2019 - 00:15 | 03-01-2019 - 16:29 | |
CVE-2018-19985 | 2.1 |
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitr
|
03-09-2019 - 00:15 | 21-03-2019 - 16:00 | |
CVE-2019-14283 | 4.6 |
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk h
|
11-08-2019 - 23:15 | 26-07-2019 - 13:15 | |
CVE-2019-14284 | 2.1 |
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make
|
11-08-2019 - 23:15 | 26-07-2019 - 13:15 | |
CVE-2019-13648 | 4.9 |
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal
|
30-07-2019 - 12:15 | 19-07-2019 - 13:15 | |
CVE-2019-13631 | 4.6 |
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
|
26-07-2019 - 03:15 | 17-07-2019 - 19:15 |