Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-13272 7.2
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with
24-07-2024 - 16:51 17-07-2019 - 13:15
CVE-2019-3900 6.8
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest
26-04-2024 - 16:08 25-04-2019 - 15:29
CVE-2018-20169 7.2
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
04-03-2024 - 22:59 17-12-2018 - 07:29
CVE-2019-11599 6.9
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or p
15-02-2024 - 15:56 29-04-2019 - 18:29
CVE-2019-15292 10.0
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
19-04-2023 - 14:08 21-08-2019 - 06:15
CVE-2019-11884 2.1
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a
03-03-2023 - 20:53 10-05-2019 - 22:29
CVE-2019-15212 4.9
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
03-03-2023 - 15:35 19-08-2019 - 22:15
CVE-2019-15218 4.9
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
03-03-2023 - 15:03 19-08-2019 - 22:15
CVE-2019-15220 4.9
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
03-03-2023 - 15:01 19-08-2019 - 22:15
CVE-2019-15221 4.9
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
03-03-2023 - 15:00 19-08-2019 - 22:15
CVE-2019-15216 4.9
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
03-03-2023 - 14:54 19-08-2019 - 22:15
CVE-2019-15215 4.9
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
03-03-2023 - 14:50 19-08-2019 - 22:15
CVE-2019-11833 2.1
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
01-03-2023 - 15:28 15-05-2019 - 13:29
CVE-2019-15211 4.9
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
01-03-2023 - 02:01 19-08-2019 - 22:15
CVE-2019-11487 7.2
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs
24-02-2023 - 18:43 23-04-2019 - 22:29
CVE-2019-3846 8.3
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
12-02-2023 - 23:38 03-06-2019 - 19:29
CVE-2019-10126 7.5
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.
12-02-2023 - 23:32 14-06-2019 - 14:29
CVE-2019-11810 7.8
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a
02-12-2022 - 19:46 07-05-2019 - 14:29
CVE-2018-13099 4.3
An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.
07-10-2022 - 02:08 03-07-2018 - 10:29
CVE-2018-13096 4.3
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.
07-10-2022 - 02:06 03-07-2018 - 10:29
CVE-2019-2101 2.1
In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for
18-04-2022 - 17:16 07-06-2019 - 20:29
CVE-2019-14763 4.9
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.
18-04-2022 - 16:04 07-08-2019 - 22:15
CVE-2019-9506 4.8
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha
04-11-2021 - 15:58 14-08-2019 - 17:15
CVE-2019-11815 9.3
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
21-07-2021 - 11:39 08-05-2019 - 14:29
CVE-2018-14613 7.1
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btr
14-06-2021 - 18:15 27-07-2018 - 04:29
CVE-2019-10639 5.0
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the
14-06-2021 - 18:15 05-07-2019 - 23:15
CVE-2019-10638 4.3
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to
14-06-2021 - 18:15 05-07-2019 - 23:15
CVE-2018-20784 7.5
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
02-06-2021 - 15:28 22-02-2019 - 15:29
CVE-2019-3819 4.9
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up
19-10-2020 - 17:43 25-01-2019 - 18:29
CVE-2019-0136 3.3
Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
24-08-2020 - 17:37 13-06-2019 - 16:29
CVE-2018-14610 7.1
An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk a
10-06-2020 - 13:15 27-07-2018 - 04:29
CVE-2018-14612 7.1
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/
10-06-2020 - 13:15 27-07-2018 - 04:29
CVE-2018-14611 7.1
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c.
10-06-2020 - 13:15 27-07-2018 - 04:29
CVE-2019-15090 4.6
An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.
05-05-2020 - 16:21 16-08-2019 - 00:15
CVE-2019-15214 6.9
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
06-03-2020 - 17:01 19-08-2019 - 22:15
CVE-2018-5383 4.3
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generat
03-10-2019 - 00:03 07-08-2018 - 21:29
CVE-2019-3701 4.9
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_AD
03-09-2019 - 00:15 03-01-2019 - 16:29
CVE-2018-19985 2.1
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitr
03-09-2019 - 00:15 21-03-2019 - 16:00
CVE-2018-20856 4.6
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.
13-08-2019 - 19:15 26-07-2019 - 05:15
CVE-2019-2024 7.2
In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersi
13-08-2019 - 19:15 19-06-2019 - 21:15
CVE-2018-14617 7.1
An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog
13-08-2019 - 19:15 27-07-2018 - 04:29
CVE-2018-14609 7.1
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not bee
13-08-2019 - 19:15 27-07-2018 - 04:29
CVE-2018-13098 4.3
An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.
13-08-2019 - 19:15 03-07-2018 - 10:29
CVE-2018-14615 7.1
An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative.
13-08-2019 - 19:15 27-07-2018 - 04:29
CVE-2019-14283 4.6
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk h
11-08-2019 - 23:15 26-07-2019 - 13:15
CVE-2019-14284 2.1
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make
11-08-2019 - 23:15 26-07-2019 - 13:15
CVE-2018-13093 4.3
An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a l
06-08-2019 - 17:15 03-07-2018 - 10:29
CVE-2019-12984 4.3
A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of ser
06-08-2019 - 08:15 26-06-2019 - 18:15
CVE-2019-13631 4.6
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
26-07-2019 - 03:15 17-07-2019 - 19:15
CVE-2019-13233 4.4
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
20-07-2019 - 12:15 04-07-2019 - 13:15
CVE-2019-12819 2.1
An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.
18-06-2019 - 15:15 14-06-2019 - 02:29
CVE-2019-12818 5.0
An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of servi
18-06-2019 - 15:15 14-06-2019 - 02:29
CVE-2019-11085 4.6
Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
31-05-2019 - 12:29 17-05-2019 - 16:29
CVE-2018-13053 2.1
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
23-04-2019 - 17:29 02-07-2018 - 12:29
CVE-2018-14614 7.1
An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image.
03-04-2019 - 01:29 27-07-2018 - 04:29
CVE-2018-13097 4.3
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service (BUG).
03-04-2019 - 01:29 03-07-2018 - 10:29
CVE-2018-14616 7.1
An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image.
03-04-2019 - 01:29 27-07-2018 - 04:29
CVE-2018-13100 4.3
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error.
03-04-2019 - 01:29 03-07-2018 - 10:29
CVE-2018-20511 2.1
An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next f
01-04-2019 - 21:29 27-12-2018 - 14:29
CVE-2018-16862 2.1
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data
01-04-2019 - 21:29 26-11-2018 - 19:29
Back to Top Mark selected
Back to Top