VYPR

Vendor CVEs

Linux

All CVEs

15,975 total · sorted by risk
  • CVE-2020-27194MedOct 16, 2020
    risk 0.00cvss 5.5epss 0.02

    An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a.

  • CVE-2020-25643HigOct 6, 2020
    risk 0.00cvss 7.2epss 0.03

    A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest…

  • CVE-2020-25641MedOct 6, 2020
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic…

  • CVE-2020-26088MedSep 24, 2020
    risk 0.00cvss 5.5epss 0.00

    A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.

  • CVE-2020-14386MedSep 16, 2020
    risk 0.00cvss 6.7epss 0.01

    A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

  • CVE-2020-10781MedSep 16, 2020
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not…

  • CVE-2020-10768MedSep 16, 2020
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2…

  • CVE-2020-10767MedSep 15, 2020
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available.…

  • CVE-2020-10766MedSep 15, 2020
    risk 0.00cvss 5.5epss 0.00

    A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This…

  • CVE-2020-14385MedSep 15, 2020
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered…

  • CVE-2020-14314MedSep 15, 2020
    risk 0.00cvss 5.5epss 0.00

    A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this…

  • CVE-2020-25285MedSep 13, 2020
    risk 0.00cvss 6.4epss 0.00

    A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.

  • CVE-2020-25284MedSep 13, 2020
    risk 0.00cvss 4.1epss 0.00

    The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.

  • CVE-2020-10773MedSep 10, 2020
    risk 0.00cvss 4.4epss 0.00

    A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.

  • CVE-2020-25220HigSep 10, 2020
    risk 0.00cvss 7.8epss 0.00

    The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature.

  • CVE-2020-25212HigSep 9, 2020
    risk 0.00cvss 7.0epss 0.00

    A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.

  • CVE-2020-25211MedSep 9, 2020
    risk 0.00cvss 6.0epss 0.01

    In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka…

  • CVE-2020-10720MedSep 3, 2020
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.

  • CVE-2020-24394HigAug 19, 2020
    risk 0.00cvss 7.1epss 0.00

    In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.

  • CVE-2020-16166LowJul 30, 2020
    risk 0.00cvss 3.7epss 0.05

    The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.

  • CVE-2020-15852HigJul 20, 2020
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization…

  • CVE-2020-15780MedJul 15, 2020
    risk 0.00cvss 6.7epss 0.01

    An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.

  • CVE-2019-20908MedJul 15, 2020
    risk 0.00cvss 6.7epss 0.01

    An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.

  • CVE-2020-15393MedJun 29, 2020
    risk 0.00cvss 5.5epss 0.00

    In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.

  • CVE-2020-14416MedJun 18, 2020
    risk 0.00cvss 4.2epss 0.00

    In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.

  • CVE-2020-10732LowJun 12, 2020
    risk 0.00cvss 3.3epss 0.01

    A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

  • CVE-2020-10757HigJun 9, 2020
    risk 0.00cvss 7.8epss 0.01

    A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.

  • CVE-2020-13974HigJun 9, 2020
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in…

  • CVE-2019-20812MedJun 3, 2020
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067.

  • CVE-2019-20811MedJun 3, 2020
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.

  • CVE-2019-20810MedJun 3, 2020
    risk 0.00cvss 5.5epss 0.00

    go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.

  • CVE-2020-10751MedMay 26, 2020
    risk 0.00cvss 6.1epss 0.00

    A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the…

  • CVE-2020-13143MedMay 18, 2020
    risk 0.00cvss 6.5epss 0.05

    gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

  • CVE-2020-12826MedMay 12, 2020
    risk 0.00cvss 5.3epss 0.01

    A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary…

  • CVE-2020-12770MedMay 9, 2020
    risk 0.00cvss 6.7epss 0.01

    An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.

  • CVE-2020-12769MedMay 9, 2020
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

  • CVE-2020-12768MedMay 9, 2020
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will

  • CVE-2020-12659MedMay 5, 2020
    risk 0.00cvss 6.7epss 0.01

    An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.

  • CVE-2020-12657HigMay 5, 2020
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.

  • CVE-2020-12655MedMay 5, 2020
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.

  • CVE-2020-12653HigMay 5, 2020
    risk 0.00cvss 7.8epss 0.00

    An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.

  • CVE-2020-12654HigMay 5, 2020
    risk 0.00cvss 7.1epss 0.01

    An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.

  • CVE-2020-12652MedMay 5, 2020
    risk 0.00cvss 4.1epss 0.00

    The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor…

  • CVE-2020-12465MedApr 29, 2020
    risk 0.00cvss 6.7epss 0.00

    An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

  • CVE-2020-12464MedApr 29, 2020
    risk 0.00cvss 6.7epss 0.01

    usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

  • CVE-2020-11884HigApr 29, 2020
    risk 0.00cvss 7.0epss 0.00

    In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A…

  • CVE-2020-11669MedApr 10, 2020
    risk 0.00cvss 5.5epss 0.00

    An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.

  • CVE-2020-11668HigApr 9, 2020
    risk 0.00cvss 7.1epss 0.00

    In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.

  • CVE-2019-20636MedApr 8, 2020
    risk 0.00cvss 6.7epss 0.00

    In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.

  • CVE-2020-11609MedApr 7, 2020
    risk 0.00cvss 4.3epss 0.01

    An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.

Page 292 of 320