VYPR

Vendor CVEs

Linux

All CVEs

15,975 total · sorted by risk
  • CVE-2019-19059MedNov 18, 2019
    risk 0.00cvss 4.7epss 0.00

    Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or…

  • CVE-2019-19058MedNov 18, 2019
    risk 0.00cvss 4.7epss 0.00

    A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.

  • CVE-2019-19057LowNov 18, 2019
    risk 0.00cvss 3.3epss 0.01

    Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.

  • CVE-2019-19056MedNov 18, 2019
    risk 0.00cvss 4.7epss 0.00

    A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka…

  • CVE-2019-19055MedNov 18, 2019
    risk 0.00cvss 5.5epss 0.00

    A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties…

  • CVE-2019-19054MedNov 18, 2019
    risk 0.00cvss 4.7epss 0.00

    A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.

  • CVE-2019-19053HigNov 18, 2019
    risk 0.00cvss 7.5epss 0.03

    A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.

  • CVE-2019-19052HigNov 18, 2019
    risk 0.00cvss 7.5epss 0.05

    A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.

  • CVE-2019-19051MedNov 18, 2019
    risk 0.00cvss 5.5epss 0.01

    A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.

  • CVE-2019-19050HigNov 18, 2019
    risk 0.00cvss 7.5epss 0.05

    A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.

  • CVE-2019-18813HigNov 7, 2019
    risk 0.00cvss 7.5epss 0.04

    A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.

  • CVE-2019-18810HigNov 7, 2019
    risk 0.00cvss 7.5epss 0.03

    A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka…

  • CVE-2019-18807HigNov 7, 2019
    risk 0.00cvss 7.5epss 0.03

    Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or…

  • CVE-2019-18806MedNov 7, 2019
    risk 0.00cvss 5.5epss 0.00

    A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f.

  • CVE-2019-18805CriNov 7, 2019
    risk 0.00cvss 9.8epss 0.03

    An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of…

  • CVE-2019-17351MedOct 8, 2019
    risk 0.00cvss 6.5epss 0.00

    An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.

  • CVE-2019-17056LowOct 1, 2019
    risk 0.00cvss 3.3epss 0.01

    llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

  • CVE-2019-17055LowOct 1, 2019
    risk 0.00cvss 3.3epss 0.01

    base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

  • CVE-2019-17054LowOct 1, 2019
    risk 0.00cvss 3.3epss 0.01

    atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.

  • CVE-2019-17053LowOct 1, 2019
    risk 0.00cvss 3.3epss 0.01

    ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.

  • CVE-2019-17052LowOct 1, 2019
    risk 0.00cvss 3.3epss 0.01

    ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.

  • CVE-2019-14816HigSep 20, 2019
    risk 0.00cvss 7.8epss 0.01

    There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

  • CVE-2019-14814HigSep 20, 2019
    risk 0.00cvss 7.8epss 0.01

    There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

  • CVE-2019-16413HigSep 19, 2019
    risk 0.00cvss 7.5epss 0.03

    An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.

  • CVE-2019-15031MedSep 13, 2019
    risk 0.00cvss 4.4epss 0.01

    In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then…

  • CVE-2019-15030MedSep 13, 2019
    risk 0.00cvss 4.4epss 0.00

    In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction…

  • CVE-2019-15927HigSep 4, 2019
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.

  • CVE-2019-15926CriSep 4, 2019
    risk 0.00cvss 9.1epss 0.05

    An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.

  • CVE-2019-15925HigSep 4, 2019
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.

  • CVE-2018-21008MedSep 4, 2019
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.

  • CVE-2017-18595HigSep 4, 2019
    risk 0.00cvss 7.8epss 0.00

    An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.

  • CVE-2019-15924MedSep 4, 2019
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.

  • CVE-2019-15923MedSep 4, 2019
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.

  • CVE-2019-15922MedSep 4, 2019
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.

  • CVE-2019-15921MedSep 4, 2019
    risk 0.00cvss 4.7epss 0.01

    An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.

  • CVE-2019-15920MedSep 4, 2019
    risk 0.00cvss 4.3epss 0.02

    An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.

  • CVE-2019-15919LowSep 4, 2019
    risk 0.00cvss 3.3epss 0.00

    An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.

  • CVE-2019-15918HigSep 4, 2019
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.

  • CVE-2019-15917HigSep 4, 2019
    risk 0.00cvss 7.0epss 0.01

    An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.

  • CVE-2019-15916HigSep 4, 2019
    risk 0.00cvss 7.5epss 0.04

    An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.

  • CVE-2019-15807MedAug 29, 2019
    risk 0.00cvss 4.7epss 0.00

    In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

  • CVE-2019-15666MedAug 27, 2019
    risk 0.00cvss 4.4epss 0.02

    An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.

  • CVE-2019-15538HigAug 25, 2019
    risk 0.00cvss 7.5epss 0.04

    An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails.…

  • CVE-2019-15292MedAug 21, 2019
    risk 0.00cvss 4.7epss 0.03

    An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.

  • CVE-2019-15239HigAug 20, 2019
    risk 0.00cvss 7.8epss 0.01

    In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by…

  • CVE-2019-15223MedAug 19, 2019
    risk 0.00cvss 4.6epss 0.01

    An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.

  • CVE-2019-15222MedAug 19, 2019
    risk 0.00cvss 4.6epss 0.01

    An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.

  • CVE-2019-15221MedAug 19, 2019
    risk 0.00cvss 4.6epss 0.01

    An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.

  • CVE-2019-15220MedAug 19, 2019
    risk 0.00cvss 4.6epss 0.01

    An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

  • CVE-2019-15219MedAug 19, 2019
    risk 0.00cvss 4.6epss 0.01

    An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.

Page 294 of 320