Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-3900 | 6.8 |
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest
|
26-04-2024 - 16:08 | 25-04-2019 - 15:29 | |
CVE-2019-11599 | 6.9 |
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or p
|
15-02-2024 - 15:56 | 29-04-2019 - 18:29 | |
CVE-2019-11833 | 2.1 |
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
|
01-03-2023 - 15:28 | 15-05-2019 - 13:29 | |
CVE-2019-7222 | 2.1 |
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
|
28-02-2023 - 20:45 | 21-03-2019 - 16:01 | |
CVE-2018-16885 | 4.9 |
A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault
|
13-02-2023 - 04:52 | 03-01-2019 - 16:29 | |
CVE-2018-14625 | 4.4 |
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gath
|
13-02-2023 - 04:51 | 10-09-2018 - 13:29 | |
CVE-2019-3882 | 4.9 |
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of th
|
12-02-2023 - 23:38 | 24-04-2019 - 16:29 | |
CVE-2019-10140 | 4.9 |
A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c.
|
12-02-2023 - 23:32 | 15-08-2019 - 17:15 | |
CVE-2018-9363 | 7.2 |
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kerne
|
19-01-2023 - 16:01 | 06-11-2018 - 17:29 | |
CVE-2019-11810 | 7.8 |
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a
|
02-12-2022 - 19:46 | 07-05-2019 - 14:29 | |
CVE-2019-9456 | 4.6 |
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation
|
14-10-2022 - 01:39 | 06-09-2019 - 22:15 | |
CVE-2019-3460 | 3.3 |
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
|
22-04-2022 - 20:06 | 11-04-2019 - 16:29 | |
CVE-2019-3459 | 3.3 |
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
|
22-04-2022 - 20:05 | 11-04-2019 - 16:29 | |
CVE-2019-5489 | 2.1 |
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this af
|
24-08-2020 - 17:37 | 07-01-2019 - 17:29 | |
CVE-2018-18281 | 4.6 |
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain f
|
24-08-2020 - 17:37 | 30-10-2018 - 18:29 | |
CVE-2018-13095 | 4.3 |
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents
|
24-08-2020 - 17:37 | 03-07-2018 - 10:29 | |
CVE-2018-8087 | 4.9 |
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.
|
03-10-2019 - 00:03 | 13-03-2018 - 06:29 | |
CVE-2018-15594 | 2.1 |
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.
|
03-10-2019 - 00:03 | 20-08-2018 - 08:29 | |
CVE-2018-10853 | 4.6 |
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process co
|
03-10-2019 - 00:03 | 11-09-2018 - 14:29 | |
CVE-2018-9516 | 7.2 |
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e
|
06-08-2019 - 17:15 | 06-11-2018 - 17:29 | |
CVE-2018-16658 | 3.6 |
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds
|
06-08-2019 - 17:15 | 07-09-2018 - 14:29 | |
CVE-2018-13093 | 4.3 |
An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a l
|
06-08-2019 - 17:15 | 03-07-2018 - 10:29 | |
CVE-2018-14734 | 6.1 |
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
|
23-04-2019 - 17:29 | 29-07-2018 - 23:29 | |
CVE-2018-13094 | 4.3 |
An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.
|
23-04-2019 - 17:29 | 03-07-2018 - 10:29 | |
CVE-2018-13053 | 2.1 |
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
|
23-04-2019 - 17:29 | 02-07-2018 - 12:29 | |
CVE-2018-9517 | 7.2 |
In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: A
|
03-04-2019 - 01:29 | 07-12-2018 - 23:29 | |
CVE-2018-7755 | 2.1 |
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioc
|
04-10-2018 - 10:29 | 08-03-2018 - 07:29 |