Max CVSS | 7.8 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-20169 | 7.2 |
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
|
04-03-2024 - 22:59 | 17-12-2018 - 07:29 | |
CVE-2019-11487 | 7.2 |
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs
|
24-02-2023 - 18:43 | 23-04-2019 - 22:29 | |
CVE-2019-3901 | 1.9 |
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target
|
12-02-2023 - 23:38 | 22-04-2019 - 16:29 | |
CVE-2019-15916 | 7.8 |
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
|
17-01-2023 - 21:34 | 04-09-2019 - 15:15 | |
CVE-2020-12888 | 4.7 |
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
|
14-11-2022 - 19:44 | 15-05-2020 - 18:15 | |
CVE-2020-12888 | 4.7 |
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
|
28-09-2020 - 16:15 | 15-05-2020 - 18:15 | |
CVE-2019-18660 | 1.9 |
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.
|
28-01-2020 - 19:47 | 27-11-2019 - 23:15 | |
CVE-2019-13233 | 4.4 |
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
|
20-07-2019 - 12:15 | 04-07-2019 - 13:15 | |
CVE-2018-7191 | 4.9 |
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev nam
|
31-05-2019 - 12:29 | 17-05-2019 - 05:29 |