Max CVSS 7.8 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-20169 7.2
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
04-03-2024 - 22:59 17-12-2018 - 07:29
CVE-2019-14821 7.2
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wher
16-02-2024 - 18:44 19-09-2019 - 18:15
CVE-2019-11599 6.9
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or p
15-02-2024 - 15:56 29-04-2019 - 18:29
CVE-2018-16884 6.7
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container
11-08-2023 - 19:12 18-12-2018 - 22:29
CVE-2019-11884 2.1
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a
03-03-2023 - 20:53 10-05-2019 - 22:29
CVE-2019-11833 2.1
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
01-03-2023 - 15:28 15-05-2019 - 13:29
CVE-2019-7222 2.1
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
28-02-2023 - 20:45 21-03-2019 - 16:01
CVE-2019-3900 6.8
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest
12-02-2023 - 23:38 25-04-2019 - 15:29
CVE-2019-3882 4.9
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of th
12-02-2023 - 23:38 24-04-2019 - 16:29
CVE-2019-3874 3.3
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
12-02-2023 - 23:38 25-03-2019 - 19:29
CVE-2019-10207 2.1
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially
12-02-2023 - 23:33 25-11-2019 - 14:15
CVE-2019-10126 7.5
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.
12-02-2023 - 23:32 14-06-2019 - 14:29
CVE-2019-15916 7.8
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
17-01-2023 - 21:34 04-09-2019 - 15:15
CVE-2019-3460 3.3
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
22-04-2022 - 20:06 11-04-2019 - 16:29
CVE-2019-3459 3.3
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
22-04-2022 - 20:05 11-04-2019 - 16:29
CVE-2019-9506 4.8
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha
04-11-2021 - 15:58 14-08-2019 - 17:15
CVE-2019-16994 4.7
In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.
21-07-2021 - 11:39 30-09-2019 - 13:15
CVE-2019-10638 4.3
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to
14-06-2021 - 18:15 05-07-2019 - 23:15
CVE-2019-3874 3.3
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
28-09-2020 - 16:15 25-03-2019 - 19:29
CVE-2020-10720 4.9
A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
10-09-2020 - 14:46 03-09-2020 - 18:15
CVE-2019-5489 2.1
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this af
24-08-2020 - 17:37 07-01-2019 - 17:29
CVE-2019-15921 4.7
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.
24-08-2020 - 17:37 04-09-2019 - 19:15
CVE-2019-15666 4.9
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.
23-04-2020 - 17:29 27-08-2019 - 05:15
CVE-2018-19854 1.9
An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sens
06-11-2019 - 01:15 04-12-2018 - 16:29
CVE-2019-15924 4.9
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
14-09-2019 - 04:15 04-09-2019 - 19:15
CVE-2018-19985 2.1
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitr
03-09-2019 - 00:15 21-03-2019 - 16:00
CVE-2019-13233 4.4
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
20-07-2019 - 12:15 04-07-2019 - 13:15
Back to Top Mark selected
Back to Top