VYPR

Vendor CVEs

Ubuntu

All CVEs

1,658 total · sorted by risk
  • CVE-2020-8835Apr 2, 2020
    risk 0.00cvss epss 0.06

    In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting…

  • CVE-2020-9391Feb 25, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka…

  • CVE-2020-9383Feb 25, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.

  • CVE-2020-6977Feb 20, 2020
    risk 0.00cvss epss 0.00

    A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices. Specially crafted inputs can allow the user to escape the restricted environment, resulting in access to the underlying operating system. Affected devices include…

  • CVE-2011-0699Feb 20, 2020
    risk 0.00cvss epss 0.00

    Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.

  • CVE-2011-2498Feb 20, 2020
    risk 0.00cvss epss 0.00

    The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

  • CVE-2020-8992Feb 14, 2020
    risk 0.00cvss epss 0.00

    ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

  • CVE-2012-0810Feb 12, 2020
    risk 0.00cvss epss 0.00

    The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.

  • CVE-2019-11484Feb 8, 2020
    risk 0.00cvss epss 0.00

    Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

  • CVE-2020-8647Feb 6, 2020
    risk 0.00cvss epss 0.00

    There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.

  • CVE-2020-8649Feb 6, 2020
    risk 0.00cvss epss 0.00

    There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.

  • CVE-2020-8428Jan 28, 2020
    risk 0.00cvss epss 0.01

    fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a…

  • CVE-2019-18282Jan 16, 2020
    risk 0.00cvss epss 0.03

    The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of…

  • CVE-2007-4774Jan 15, 2020
    risk 0.00cvss epss 0.02

    The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.

  • CVE-2019-20095Dec 30, 2019
    risk 0.00cvss epss 0.00

    mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.

  • CVE-2019-19922Dec 22, 2019
    risk 0.00cvss epss 0.01

    kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1.…

  • CVE-2019-19815Dec 17, 2019
    risk 0.00cvss epss 0.02

    In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.

  • CVE-2019-19816Dec 17, 2019
    risk 0.00cvss epss 0.03

    In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.

  • CVE-2019-19813Dec 17, 2019
    risk 0.00cvss epss 0.02

    In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c,…

  • CVE-2019-19814Dec 17, 2019
    risk 0.00cvss epss 0.03

    In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.

  • CVE-2019-19767Dec 12, 2019
    risk 0.00cvss epss 0.02

    The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163.

  • CVE-2019-19769Dec 12, 2019
    risk 0.00cvss epss 0.01

    In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).

  • CVE-2019-19449Dec 8, 2019
    risk 0.00cvss epss 0.02

    In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).

  • CVE-2019-19447Dec 8, 2019
    risk 0.00cvss epss 0.04

    In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.

  • CVE-2019-19602Dec 5, 2019
    risk 0.00cvss epss 0.01

    fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx…

  • CVE-2019-19524Dec 3, 2019
    risk 0.00cvss epss 0.01

    In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.

  • CVE-2019-19528Dec 3, 2019
    risk 0.00cvss epss 0.00

    In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.

  • CVE-2019-19532Dec 3, 2019
    risk 0.00cvss epss 0.01

    In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c,…

  • CVE-2019-19533Dec 3, 2019
    risk 0.00cvss epss 0.00

    In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.

  • CVE-2019-19534Dec 3, 2019
    risk 0.00cvss epss 0.01

    In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.

  • CVE-2019-19535Dec 3, 2019
    risk 0.00cvss epss 0.01

    In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042.

  • CVE-2019-19536Dec 3, 2019
    risk 0.00cvss epss 0.00

    In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.

  • CVE-2019-19462Nov 30, 2019
    risk 0.00cvss epss 0.00

    relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.

  • CVE-2019-19377Nov 29, 2019
    risk 0.00cvss epss 0.03

    In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.

  • CVE-2019-14895Nov 29, 2019
    risk 0.00cvss epss 0.08

    A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This…

  • CVE-2019-19318Nov 27, 2019
    risk 0.00cvss epss 0.01

    In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

  • CVE-2019-19319Nov 27, 2019
    risk 0.00cvss epss 0.01

    In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka…

  • CVE-2019-10220Nov 27, 2019
    risk 0.00cvss epss 0.05

    Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.

  • CVE-2019-14896Nov 27, 2019
    risk 0.00cvss epss 0.09

    A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called…

  • CVE-2019-10207Nov 25, 2019
    risk 0.00cvss epss 0.01

    A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call…

  • CVE-2019-18675Nov 25, 2019
    risk 0.00cvss epss 0.01

    The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users (with /dev/video0 access) to obtain read and write permissions on kernel…

  • CVE-2019-14815Nov 25, 2019
    risk 0.00cvss epss 0.00

    A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.

  • CVE-2019-19227Nov 22, 2019
    risk 0.00cvss epss 0.01

    In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client,…

  • CVE-2019-19083Nov 18, 2019
    risk 0.00cvss epss 0.01

    Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in…

  • CVE-2019-19079Nov 18, 2019
    risk 0.00cvss epss 0.03

    A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19.

  • CVE-2019-19078Nov 18, 2019
    risk 0.00cvss epss 0.07

    A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.

  • CVE-2019-19077Nov 18, 2019
    risk 0.00cvss epss 0.00

    A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.

  • CVE-2019-19074Nov 18, 2019
    risk 0.00cvss epss 0.04

    A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.

  • CVE-2019-19073Nov 18, 2019
    risk 0.00cvss epss 0.01

    Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the…

  • CVE-2019-19072Nov 18, 2019
    risk 0.00cvss epss 0.00

    A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.

Page 26 of 34