Vulnerabilities (CVE)

Vendor filter

Linux Subscribe

Product filter

Linux Kernel Subscribe

Filter

2383 total CVE
CVE Vendors Products Updated CVSS
CVE-2010-5331 1 Linux 1 Linux Kernel 2019-10-12 7.5
In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem.
CVE-2019-17351 2 Linux, Xen 2 Linux Kernel, Xen 2019-10-11 4.9
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest...
CVE-2017-18595 1 Linux 1 Linux Kernel 2019-10-11 7.2
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
CVE-2019-16229 1 Linux 1 Linux Kernel 2019-10-10 7.8
** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious...
CVE-2019-17133 1 Linux 1 Linux Kernel 2019-10-10 7.5
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
CVE-2019-15902 4 Linux, Netapp, Debian and 1 more 6 Linux Kernel, Active Iq Performance Analytics Services, Service Processor and 3 more 2019-10-10 4.7
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible...
CVE-2019-12455 1 Linux 1 Linux Kernel 2019-10-10 4.9
** DISPUTED ** An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL...
CVE-2019-12380 1 Linux 1 Linux Kernel 2019-10-10 2.1
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation...
CVE-2019-3837 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2019-10-09 4.9
It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on...
CVE-2019-10142 1 Linux 1 Linux Kernel 2019-10-09 4.6
A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size...
CVE-2018-6559 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2019-10-09 2.1
The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.
CVE-2018-6555 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2019-10-09 7.2
The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have...
CVE-2018-6554 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2019-10-09 4.9
Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.
CVE-2018-1130 4 Canonical, Debian, Linux and 1 more 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more 2019-10-09 4.9
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
CVE-2018-1120 4 Redhat, Debian, Linux and 1 more 9 Enterprise Mrg, Debian Linux, Linux Kernel and 6 more 2019-10-09 3.5
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as...
CVE-2018-1118 4 Linux, Redhat, Canonical and 1 more 7 Linux Kernel, Virtualization Host, Ubuntu Linux and 4 more 2019-10-09 2.1
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some...
CVE-2018-1087 4 Canonical, Debian, Linux and 1 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2019-10-09 4.6
kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov...
CVE-2018-16882 2 Linux, Canonical 2 Linux Kernel, Ubuntu Linux 2019-10-09 7.2
A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it...
CVE-2018-14656 1 Linux 1 Linux Kernel 2019-10-09 2.1
A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log.
CVE-2018-14646 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 4 more 2019-10-09 4.9
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is...