Linux

Linux Kernel

14022 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2009-4067

Exploit
  • EPSS 0.61%
  • Veröffentlicht 11.02.2020 19:15:10
  • Zuletzt bearbeitet 21.11.2024 01:08:51

Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full con...

6.1

CVE-2020-8647

  • EPSS 0.08%
  • Veröffentlicht 06.02.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:39:10

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.

7.1

CVE-2020-8648

Exploit
  • EPSS 0.04%
  • Veröffentlicht 06.02.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:39:11

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

5.9

CVE-2020-8649

Exploit
  • EPSS 0.09%
  • Veröffentlicht 06.02.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:39:11

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.

4.7

CVE-2019-3016

  • EPSS 0.06%
  • Veröffentlicht 31.01.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:41:59

In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.1...

7.1

CVE-2020-8428

  • EPSS 0.1%
  • Veröffentlicht 29.01.2020 00:15:10
  • Zuletzt bearbeitet 21.11.2024 05:38:50

fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may...

5.5

CVE-2019-20422

  • EPSS 0.08%
  • Veröffentlicht 27.01.2020 05:15:10
  • Zuletzt bearbeitet 21.11.2024 04:38:26

In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db.

8.3

CVE-2019-9500

Exploit
  • EPSS 3.47%
  • Veröffentlicht 16.01.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:51:44

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an h...

5.3

CVE-2019-18282

  • EPSS 0.68%
  • Veröffentlicht 16.01.2020 16:15:16
  • Zuletzt bearbeitet 21.11.2024 04:32:58

The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and beca...

5.9

CVE-2007-4774

  • EPSS 0.18%
  • Veröffentlicht 15.01.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 00:36:25

The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.