Linux

Linux Kernel

14022 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-8835

Exploit
  • EPSS 26.55%
  • Veröffentlicht 02.04.2020 18:15:18
  • Zuletzt bearbeitet 21.11.2024 05:39:32

In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5....

5.4

CVE-2020-10942

Exploit
  • EPSS 0.07%
  • Veröffentlicht 24.03.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:25

In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.

5.5

CVE-2020-9391

Exploit
  • EPSS 0.16%
  • Veröffentlicht 25.02.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:40:32

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to ...

7.1

CVE-2020-9383

  • EPSS 0.1%
  • Veröffentlicht 25.02.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:40:31

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.

7

CVE-2011-0699

  • EPSS 0.05%
  • Veröffentlicht 20.02.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 01:24:38

Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.

5.5

CVE-2011-4915

Exploit
  • EPSS 0.08%
  • Veröffentlicht 20.02.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 01:33:17

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

5.5

CVE-2011-2498

  • EPSS 0.16%
  • Veröffentlicht 20.02.2020 04:15:10
  • Zuletzt bearbeitet 21.11.2024 01:28:24

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

7.8

CVE-2012-0055

Exploit
  • EPSS 0.39%
  • Veröffentlicht 19.02.2020 18:15:09
  • Zuletzt bearbeitet 21.11.2024 01:34:18

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.

5.5

CVE-2020-8992

  • EPSS 0.05%
  • Veröffentlicht 14.02.2020 05:15:13
  • Zuletzt bearbeitet 21.11.2024 05:39:47

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

5.5

CVE-2012-0810

  • EPSS 0.05%
  • Veröffentlicht 12.02.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 01:35:46

The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.