VYPR

Linux Kernel

by Ubuntu

Source repositories

CVEs (1,433)

  • CVE-2019-20810Jun 2, 2020
    risk 0.00cvss epss 0.00

    go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.

  • CVE-2019-20806May 27, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75.

  • CVE-2020-10711May 22, 2020
    risk 0.00cvss epss 0.03

    A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import'…

  • CVE-2020-13143May 18, 2020
    risk 0.00cvss epss 0.05

    gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

  • CVE-2020-12888May 15, 2020
    risk 0.00cvss epss 0.00

    The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

  • CVE-2020-12826May 12, 2020
    risk 0.00cvss epss 0.01

    A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary…

  • CVE-2020-12769May 9, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

  • CVE-2020-12770May 9, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.

  • CVE-2019-14898May 8, 2020
    risk 0.00cvss epss 0.00

    The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or…

  • CVE-2020-12659May 5, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.

  • CVE-2020-12657May 5, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.

  • CVE-2020-12656May 5, 2020
    risk 0.00cvss epss 0.00

    gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not…

  • CVE-2020-12655May 5, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.

  • CVE-2020-12654May 5, 2020
    risk 0.00cvss epss 0.01

    An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.

  • CVE-2020-12652May 5, 2020
    risk 0.00cvss epss 0.00

    The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor…

  • CVE-2020-12114May 4, 2020
    risk 0.00cvss epss 0.00

    A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.

  • CVE-2020-12465Apr 29, 2020
    risk 0.00cvss epss 0.00

    An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

  • CVE-2020-11884Apr 29, 2020
    risk 0.00cvss epss 0.00

    In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A…

  • CVE-2020-11669Apr 10, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.

  • CVE-2020-8832Apr 9, 2020
    risk 0.00cvss epss 0.00

    The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92,…

Page 57 of 72