Linux

Linux Kernel

14022 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2019-15794

  • EPSS 0.38%
  • Veröffentlicht 24.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:28

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is ...

7.8

CVE-2020-11725

Exploit
  • EPSS 0.13%
  • Veröffentlicht 12.04.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 04:58:29

snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, ...

5.5

CVE-2020-11669

  • EPSS 0.08%
  • Veröffentlicht 10.04.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 04:58:21

An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.

6.5

CVE-2020-8834

Exploit
  • EPSS 0.09%
  • Veröffentlicht 09.04.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:32

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kerne...

7.1

CVE-2020-11668

  • EPSS 0.05%
  • Veröffentlicht 09.04.2020 21:15:15
  • Zuletzt bearbeitet 21.11.2024 04:58:21

In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.

7.2

CVE-2019-20636

  • EPSS 0.11%
  • Veröffentlicht 08.04.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:38:56

In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.

4.9

CVE-2020-11609

  • EPSS 0.07%
  • Veröffentlicht 07.04.2020 17:15:14
  • Zuletzt bearbeitet 21.11.2024 04:58:14

An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer derefer...

4.9

CVE-2020-11608

  • EPSS 0.06%
  • Veröffentlicht 07.04.2020 14:15:14
  • Zuletzt bearbeitet 21.11.2024 04:58:13

An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.

6

CVE-2020-11565

  • EPSS 0.08%
  • Veröffentlicht 06.04.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 04:58:09

An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security...

4.4

CVE-2020-11494

  • EPSS 0.07%
  • Veröffentlicht 02.04.2020 21:15:13
  • Zuletzt bearbeitet 21.11.2024 04:58:00

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configurati...