Max CVSS | 7.8 | Min CVSS | 4.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-11477 | 7.8 |
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This ha
|
27-02-2024 - 21:04 | 19-06-2019 - 00:15 | |
CVE-2019-11478 | 5.0 |
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denia
|
27-02-2024 - 21:04 | 19-06-2019 - 00:15 | |
CVE-2019-11479 | 5.0 |
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial
|
16-08-2023 - 14:17 | 19-06-2019 - 00:15 | |
CVE-2019-10161 | 7.2 |
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attac
|
25-03-2021 - 14:09 | 30-07-2019 - 23:15 | |
CVE-2019-10168 | 4.6 |
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will ex
|
15-10-2020 - 13:28 | 02-08-2019 - 13:15 | |
CVE-2019-10167 | 4.6 |
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to pro
|
15-10-2020 - 13:28 | 02-08-2019 - 13:15 | |
CVE-2019-10166 | 4.6 |
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had alre
|
15-10-2020 - 13:28 | 02-08-2019 - 13:15 | |
CVE-2019-10161 | 7.2 |
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attac
|
30-09-2020 - 14:47 | 30-07-2019 - 23:15 |