Max CVSS | 7.2 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-19770 | 6.4 |
In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as deb
|
05-08-2024 - 03:15 | 12-12-2019 - 20:15 | |
CVE-2019-19046 | 6.8 |
A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0e
|
05-08-2024 - 02:15 | 18-11-2019 - 06:15 | |
CVE-2020-11565 | 3.6 |
An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security
|
04-08-2024 - 12:15 | 06-04-2020 - 01:15 | |
CVE-2020-12659 | 7.2 |
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.
|
01-02-2024 - 00:50 | 05-05-2020 - 07:15 | |
CVE-2019-20636 | 7.2 |
In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.
|
20-10-2023 - 21:00 | 08-04-2020 - 14:15 | |
CVE-2019-19447 | 6.8 |
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
|
03-10-2023 - 15:38 | 08-12-2019 - 01:15 | |
CVE-2019-15917 | 6.9 |
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
|
11-08-2023 - 19:54 | 04-09-2019 - 19:15 | |
CVE-2020-10732 | 3.6 |
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
|
06-06-2023 - 13:46 | 12-06-2020 - 14:15 | |
CVE-2020-12770 | 4.6 |
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
|
01-03-2023 - 03:07 | 09-05-2020 - 21:15 | |
CVE-2020-10751 | 3.6 |
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the
|
12-02-2023 - 23:39 | 26-05-2020 - 15:15 | |
CVE-2019-19332 | 5.6 |
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A us
|
12-02-2023 - 23:37 | 09-01-2020 - 15:15 | |
CVE-2020-0305 | 4.4 |
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:
|
03-02-2023 - 16:23 | 17-07-2020 - 20:15 | |
CVE-2019-20054 | 4.9 |
In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
|
20-01-2023 - 20:19 | 28-12-2019 - 05:15 | |
CVE-2019-15925 | 7.2 |
An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.
|
17-01-2023 - 21:33 | 04-09-2019 - 21:15 | |
CVE-2020-25641 | 4.9 |
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a
|
21-11-2022 - 19:36 | 06-10-2020 - 14:15 | |
CVE-2019-19063 | 4.9 |
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
|
07-11-2022 - 17:20 | 18-11-2019 - 06:15 | |
CVE-2019-19524 | 4.9 |
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
|
31-10-2022 - 14:52 | 03-12-2019 - 16:15 | |
CVE-2020-8648 | 3.6 |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
|
28-07-2022 - 00:08 | 06-02-2020 - 01:15 | |
CVE-2020-12655 | 2.1 |
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.
|
12-07-2022 - 17:42 | 05-05-2020 - 06:15 | |
CVE-2019-9455 | 2.1 |
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
|
22-04-2022 - 20:12 | 06-09-2019 - 22:15 | |
CVE-2020-10942 | 5.4 |
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
|
22-04-2022 - 19:06 | 24-03-2020 - 22:15 | |
CVE-2019-9458 | 4.4 |
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
18-04-2022 - 16:13 | 06-09-2019 - 22:15 | |
CVE-2019-18808 | 2.1 |
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
|
18-04-2022 - 14:27 | 07-11-2019 - 16:15 | |
CVE-2020-8647 | 3.6 |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
|
30-12-2021 - 20:50 | 06-02-2020 - 01:15 | |
CVE-2020-8649 | 3.6 |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
|
30-12-2021 - 20:44 | 06-02-2020 - 01:15 | |
CVE-2020-10774 | 2.1 |
A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The
|
08-06-2021 - 17:31 | 27-05-2021 - 19:15 | |
CVE-2019-19319 | 4.4 |
In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a mem
|
09-02-2021 - 19:15 | 27-11-2019 - 23:15 | |
CVE-2020-14381 | 4.6 |
A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vul
|
08-12-2020 - 16:00 | 03-12-2020 - 17:15 | |
CVE-2019-18808 | 2.1 |
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
|
25-09-2020 - 23:15 | 07-11-2019 - 16:15 | |
CVE-2020-8648 | 3.6 |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
|
24-09-2020 - 12:15 | 06-02-2020 - 01:15 | |
CVE-2019-19543 | 4.6 |
In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.
|
24-09-2020 - 12:15 | 03-12-2019 - 21:15 | |
CVE-2019-19543 | 4.6 |
In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.
|
24-09-2020 - 12:15 | 03-12-2019 - 21:15 | |
CVE-2019-18809 | 4.9 |
A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.
|
24-08-2020 - 17:37 | 07-11-2019 - 16:15 | |
CVE-2019-19072 | 4.9 |
A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.
|
24-08-2020 - 17:37 | 18-11-2019 - 06:15 | |
CVE-2019-19062 | 4.7 |
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.
|
24-08-2020 - 17:37 | 18-11-2019 - 06:15 | |
CVE-2019-19068 | 4.9 |
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() fail
|
24-08-2020 - 17:37 | 18-11-2019 - 06:15 | |
CVE-2019-19056 | 4.7 |
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory()
|
24-08-2020 - 17:37 | 18-11-2019 - 06:15 | |
CVE-2020-12826 | 4.4 |
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child pro
|
22-06-2020 - 22:15 | 12-05-2020 - 19:15 | |
CVE-2020-11668 | 5.6 |
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
|
10-06-2020 - 20:15 | 09-04-2020 - 21:15 | |
CVE-2019-16233 | 4.7 |
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
|
06-05-2020 - 15:15 | 11-09-2019 - 16:15 | |
CVE-2019-16231 | 4.7 |
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
|
04-05-2020 - 20:22 | 11-09-2019 - 16:15 | |
CVE-2019-19533 | 2.1 |
In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.
|
18-01-2020 - 07:15 | 03-12-2019 - 16:15 | |
CVE-2019-19537 | 4.7 |
In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c.
|
18-01-2020 - 07:15 | 03-12-2019 - 16:15 | |
CVE-2019-19767 | 4.3 |
The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163.
|
03-01-2020 - 11:15 | 12-12-2019 - 20:15 |