Vulnerabilities (CVE)

Vendor filter

Linux Subscribe

Product filter

Linux Kernel Subscribe

Filter

2280 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-12817 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2019-06-25 6.9
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of...
CVE-2019-12881 1 Linux 1 Linux Kernel 2019-06-24 4.6
i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact via...
CVE-2019-11479 5 F5, Pulsesecure, Redhat and 2 more 24 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 21 more 2019-06-20 5.0
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a...
CVE-2019-11478 5 F5, Pulsesecure, Redhat and 2 more 25 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 22 more 2019-06-20 5.0
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a...
CVE-2019-11477 5 F5, Pulsesecure, Redhat and 2 more 25 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 22 more 2019-06-20 7.8
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service....
CVE-2019-12456 1 Linux 1 Linux Kernel 2019-06-20 7.2
** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other...
CVE-2019-3896 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2019-06-19 7.2
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
CVE-2019-12819 1 Linux 1 Linux Kernel 2019-06-18 2.1
An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.
CVE-2019-12818 1 Linux 1 Linux Kernel 2019-06-18 5.0
An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of...
CVE-2019-10126 1 Linux 1 Linux Kernel 2019-06-17 7.5
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.
CVE-2018-7566 6 Suse, Linux, Canonical and 3 more 12 Linux Enterprise Module For Public Cloud, Linux Kernel, Linux Enterprise Server and 9 more 2019-06-17 4.6
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVE-2019-9213 5 Linux, Debian, Canonical and 2 more 5 Linux Kernel, Debian Linux, Ubuntu Linux and 2 more 2019-06-17 4.9
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability...
CVE-2019-9162 2 Linux, Netapp 2 Linux Kernel, Element Software Management 2019-06-15 4.6
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or...
CVE-2019-8956 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2019-06-15 7.2
In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.
CVE-2019-7221 7 Fedoraproject, Linux, Opensuse and 4 more 16 Fedora, Linux Kernel, Leap and 13 more 2019-06-15 4.6
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
CVE-2019-11683 1 Linux 1 Linux Kernel 2019-06-15 10.0
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0...
CVE-2019-11486 1 Linux 1 Linux Kernel 2019-06-15 6.9
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
CVE-2019-10125 1 Linux 1 Linux Kernel 2019-06-15 10.0
An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(),...
CVE-2018-20669 1 Linux 1 Linux Kernel 2019-06-15 7.2
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL...
CVE-2013-7470 1 Linux 1 Linux Kernel 2019-06-15 7.1
cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different vulnerability than...