Linux Kernel
by Ubuntu
Source repositories
CVEs (1,433)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-15220 | 0.00 | — | 0.01 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. | |||
| CVE-2019-15221 | 0.00 | — | 0.01 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. | |||
| CVE-2019-15222 | 0.00 | — | 0.01 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver. | |||
| CVE-2019-15223 | 0.00 | — | 0.01 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. | |||
| CVE-2018-20976 | 0.00 | — | 0.01 | Aug 19, 2019 | An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. | |||
| CVE-2017-18550 | 0.00 | — | 0.01 | Aug 19, 2019 | An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure. | |||
| CVE-2016-10907 | 0.00 | — | 0.00 | Aug 19, 2019 | An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755_parse_dt. | |||
| CVE-2017-18552 | 0.00 | — | 0.00 | Aug 19, 2019 | An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency. | |||
| CVE-2019-15117 | 0.00 | — | 0.01 | Aug 16, 2019 | parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. | |||
| CVE-2019-15118 | 0.00 | — | 0.01 | Aug 16, 2019 | check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. | |||
| CVE-2019-15098 | 0.00 | — | 0.01 | Aug 16, 2019 | drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | |||
| CVE-2019-15090 | 0.00 | — | 0.00 | Aug 15, 2019 | An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read. | |||
| CVE-2017-18509 | 0.00 | — | 0.01 | Aug 13, 2019 | An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain… | |||
| CVE-2019-14763 | 0.00 | — | 0.00 | Aug 7, 2019 | In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid. | |||
| CVE-2019-10142 | 0.00 | — | 0.00 | Jul 30, 2019 | A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw… | |||
| CVE-2018-16871 | 0.00 | — | 0.03 | Jul 30, 2019 | A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine… | |||
| CVE-2007-6762 | 0.00 | — | 0.03 | Jul 27, 2019 | In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array. | |||
| CVE-2011-5327 | 0.00 | — | 0.04 | Jul 27, 2019 | In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. | |||
| CVE-2012-6712 | 0.00 | — | 0.03 | Jul 27, 2019 | In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. | |||
| CVE-2016-10764 | 0.00 | — | 0.03 | Jul 27, 2019 | In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead. |
- CVE-2019-15220Aug 19, 2019risk 0.00cvss —epss 0.01
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
- CVE-2019-15221Aug 19, 2019risk 0.00cvss —epss 0.01
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
- CVE-2019-15222Aug 19, 2019risk 0.00cvss —epss 0.01
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
- CVE-2019-15223Aug 19, 2019risk 0.00cvss —epss 0.01
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.
- CVE-2018-20976Aug 19, 2019risk 0.00cvss —epss 0.01
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.
- CVE-2017-18550Aug 19, 2019risk 0.00cvss —epss 0.01
An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure.
- CVE-2016-10907Aug 19, 2019risk 0.00cvss —epss 0.00
An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755_parse_dt.
- CVE-2017-18552Aug 19, 2019risk 0.00cvss —epss 0.00
An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.
- CVE-2019-15117Aug 16, 2019risk 0.00cvss —epss 0.01
parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.
- CVE-2019-15118Aug 16, 2019risk 0.00cvss —epss 0.01
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
- CVE-2019-15098Aug 16, 2019risk 0.00cvss —epss 0.01
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
- CVE-2019-15090Aug 15, 2019risk 0.00cvss —epss 0.00
An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.
- CVE-2017-18509Aug 13, 2019risk 0.00cvss —epss 0.01
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain…
- CVE-2019-14763Aug 7, 2019risk 0.00cvss —epss 0.00
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.
- CVE-2019-10142Jul 30, 2019risk 0.00cvss —epss 0.00
A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw…
- CVE-2018-16871Jul 30, 2019risk 0.00cvss —epss 0.03
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine…
- CVE-2007-6762Jul 27, 2019risk 0.00cvss —epss 0.03
In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.
- CVE-2011-5327Jul 27, 2019risk 0.00cvss —epss 0.04
In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.
- CVE-2012-6712Jul 27, 2019risk 0.00cvss —epss 0.03
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.
- CVE-2016-10764Jul 27, 2019risk 0.00cvss —epss 0.03
In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.
Page 64 of 72