VYPR

Kernel

by Linux

Source repositories

CVEs (15,817)

  • CVE-2020-12655MedMay 5, 2020
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.

  • CVE-2020-12653HigMay 5, 2020
    risk 0.00cvss 7.8epss 0.00

    An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.

  • CVE-2020-12654HigMay 5, 2020
    risk 0.00cvss 7.1epss 0.01

    An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.

  • CVE-2020-12652MedMay 5, 2020
    risk 0.00cvss 4.1epss 0.00

    The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor…

  • CVE-2020-12465MedApr 29, 2020
    risk 0.00cvss 6.7epss 0.00

    An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

  • CVE-2020-12464MedApr 29, 2020
    risk 0.00cvss 6.7epss 0.01

    usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

  • CVE-2020-11884HigApr 29, 2020
    risk 0.00cvss 7.0epss 0.00

    In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A…

  • CVE-2020-11669MedApr 10, 2020
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.

  • CVE-2020-11668HigApr 9, 2020
    risk 0.00cvss 7.1epss 0.00

    In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.

  • CVE-2019-20636MedApr 8, 2020
    risk 0.00cvss 6.7epss 0.00

    In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.

  • CVE-2020-11609MedApr 7, 2020
    risk 0.00cvss 4.3epss 0.01

    An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.

  • CVE-2020-11608MedApr 7, 2020
    risk 0.00cvss 4.3epss 0.01

    An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.

  • CVE-2020-11565MedApr 6, 2020
    risk 0.00cvss 6.0epss 0.01

    An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that…

  • CVE-2020-11494MedApr 2, 2020
    risk 0.00cvss 4.4epss 0.01

    An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks…

  • CVE-2020-8835HigApr 2, 2020
    risk 0.00cvss 7.8epss 0.06

    In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting…

  • CVE-2020-9391MedFeb 25, 2020
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka…

  • CVE-2020-9383HigFeb 25, 2020
    risk 0.00cvss 7.1epss 0.01

    An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.

  • CVE-2020-8428HigJan 29, 2020
    risk 0.00cvss 7.1epss 0.01

    fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a…

  • CVE-2019-18282MedJan 16, 2020
    risk 0.00cvss 5.3epss 0.03

    The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of…

  • CVE-2020-7053HigJan 14, 2020
    risk 0.00cvss 7.8epss 0.01

    In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to…

Page 724 of 791