VYPR

Vendor CVEs

Ubuntu

All CVEs

1,658 total · sorted by risk
  • CVE-2019-15925Sep 4, 2019
    risk 0.00cvss epss 0.00

    An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.

  • CVE-2018-21008Sep 4, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.

  • CVE-2019-15920Sep 4, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.

  • CVE-2019-15921Sep 4, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.

  • CVE-2019-15922Sep 4, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.

  • CVE-2019-15923Sep 4, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.

  • CVE-2019-15924Sep 4, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.

  • CVE-2019-15902Sep 4, 2019
    risk 0.00cvss epss 0.01

    A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()"…

  • CVE-2019-15807Aug 29, 2019
    risk 0.00cvss epss 0.00

    In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

  • CVE-2019-11476Aug 29, 2019
    risk 0.00cvss epss 0.01

    An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the…

  • CVE-2019-15666Aug 27, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.

  • CVE-2019-15504Aug 23, 2019
    risk 0.00cvss epss 0.04

    drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).

  • CVE-2019-15291Aug 20, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.

  • CVE-2019-15211Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.

  • CVE-2019-15216Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.

  • CVE-2019-15217Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.

  • CVE-2019-15218Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.

  • CVE-2019-15219Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.

  • CVE-2019-15220Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

  • CVE-2019-15221Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.

  • CVE-2019-15222Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.

  • CVE-2019-15223Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.

  • CVE-2018-20976Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.

  • CVE-2017-18550Aug 19, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure.

  • CVE-2016-10907Aug 19, 2019
    risk 0.00cvss epss 0.00

    An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755_parse_dt.

  • CVE-2017-18552Aug 19, 2019
    risk 0.00cvss epss 0.00

    An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.

  • CVE-2019-15117Aug 16, 2019
    risk 0.00cvss epss 0.01

    parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.

  • CVE-2019-15118Aug 16, 2019
    risk 0.00cvss epss 0.01

    check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.

  • CVE-2019-15098Aug 16, 2019
    risk 0.00cvss epss 0.01

    drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

  • CVE-2019-15090Aug 15, 2019
    risk 0.00cvss epss 0.00

    An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.

  • CVE-2017-18509Aug 13, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain…

  • CVE-2019-14763Aug 7, 2019
    risk 0.00cvss epss 0.00

    In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.

  • CVE-2019-10142Jul 30, 2019
    risk 0.00cvss epss 0.00

    A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw…

  • CVE-2018-16871Jul 30, 2019
    risk 0.00cvss epss 0.03

    A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine…

  • CVE-2007-6762Jul 27, 2019
    risk 0.00cvss epss 0.03

    In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.

  • CVE-2011-5327Jul 27, 2019
    risk 0.00cvss epss 0.04

    In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.

  • CVE-2012-6712Jul 27, 2019
    risk 0.00cvss epss 0.03

    In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

  • CVE-2016-10764Jul 27, 2019
    risk 0.00cvss epss 0.03

    In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.

  • CVE-2010-5332Jul 27, 2019
    risk 0.00cvss epss 0.00

    In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free…

  • CVE-2010-5331Jul 27, 2019
    risk 0.00cvss epss 0.00

    In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard…

  • CVE-2018-20856Jul 26, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.

  • CVE-2018-20854Jul 26, 2019
    risk 0.00cvss epss 0.00

    An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read.

  • CVE-2019-13631Jul 17, 2019
    risk 0.00cvss epss 0.01

    In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.

  • CVE-2019-10639Jul 5, 2019
    risk 0.00cvss epss 0.03

    The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for…

  • CVE-2019-10638Jul 5, 2019
    risk 0.00cvss epss 0.03

    In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of…

  • CVE-2019-13233Jul 4, 2019
    risk 0.00cvss epss 0.00

    In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.

  • CVE-2019-12984Jun 26, 2019
    risk 0.00cvss epss 0.02

    A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service.

  • CVE-2019-12817Jun 25, 2019
    risk 0.00cvss epss 0.00

    arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.

  • CVE-2019-12819Jun 14, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.

  • CVE-2019-12818Jun 14, 2019
    risk 0.00cvss epss 0.05

    An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects…

Page 28 of 34