VYPR

Kernel

by Red Hat

CVEs (140)

  • CVE-2020-10711May 22, 2020
    risk 0.00cvss epss 0.03

    A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import'…

  • CVE-2020-0220May 14, 2020
    risk 0.00cvss epss 0.00

    In crus_afe_callback of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0110May 14, 2020
    risk 0.00cvss epss 0.00

    In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2020-10690May 8, 2020
    risk 0.00cvss epss 0.00

    There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if…

  • CVE-2020-0068Apr 17, 2020
    risk 0.00cvss epss 0.00

    In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: Android. Versions:…

  • CVE-2020-0067Apr 17, 2020
    risk 0.00cvss epss 0.00

    In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions:…

  • CVE-2020-0044Mar 10, 2020
    risk 0.00cvss epss 0.00

    In set_nonce of fpc_ta_qc_auth.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2020-0030Feb 13, 2020
    risk 0.00cvss epss 0.00

    In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2019-9471Jan 6, 2020
    risk 0.00cvss epss 0.00

    In set_outbound_iatu of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2019-9472Jan 6, 2020
    risk 0.00cvss epss 0.00

    In DCRYPTO_equals of compare.c, there is a possible timing attack due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android…

  • CVE-2019-14901Nov 29, 2019
    risk 0.00cvss epss 0.17

    A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with…

  • CVE-2019-14897Nov 29, 2019
    risk 0.00cvss epss 0.03

    A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations…

  • CVE-2019-14895Nov 29, 2019
    risk 0.00cvss epss 0.08

    A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This…

  • CVE-2019-14896Nov 27, 2019
    risk 0.00cvss epss 0.09

    A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called…

  • CVE-2019-10207Nov 25, 2019
    risk 0.00cvss epss 0.01

    A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call…

  • CVE-2019-9453Sep 6, 2019
    risk 0.00cvss epss 0.00

    In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2019-9245Sep 6, 2019
    risk 0.00cvss epss 0.00

    In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2019-9458Sep 6, 2019
    risk 0.00cvss epss 0.00

    In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2019-9450Sep 6, 2019
    risk 0.00cvss epss 0.00

    In the Android kernel in the FingerTipS touchscreen driver there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2019-9443Sep 6, 2019
    risk 0.00cvss epss 0.00

    In the Android kernel in the vl53L0 driver there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege due to a set_fs() call without restoring the previous limit with System execution privileges needed. User interaction…

Page 6 of 7