Linux

Linux Kernel

14023 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2019-17053

  • EPSS 0.1%
  • Veröffentlicht 01.10.2019 14:15:42
  • Zuletzt bearbeitet 21.11.2024 04:31:36

ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.

3.3

CVE-2019-17052

  • EPSS 0.09%
  • Veröffentlicht 01.10.2019 14:15:40
  • Zuletzt bearbeitet 21.11.2024 04:31:36

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.

4.7

CVE-2019-16994

Exploit
  • EPSS 0.08%
  • Veröffentlicht 30.09.2019 13:15:11
  • Zuletzt bearbeitet 21.11.2024 04:31:30

In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.

7.8

CVE-2019-16995

Exploit
  • EPSS 2%
  • Veröffentlicht 30.09.2019 13:15:11
  • Zuletzt bearbeitet 21.11.2024 04:31:30

In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.

7.5

CVE-2019-16921

  • EPSS 0.27%
  • Veröffentlicht 27.09.2019 13:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:20

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425...

9.8

CVE-2019-16746

  • EPSS 2.6%
  • Veröffentlicht 24.09.2019 06:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:06

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

7.5

CVE-2019-16714

  • EPSS 1.12%
  • Veröffentlicht 23.09.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:02

In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.

7.8

CVE-2019-14814

Exploit
  • EPSS 0.18%
  • Veröffentlicht 20.09.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:24

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

7.8

CVE-2019-14816

Exploit
  • EPSS 0.09%
  • Veröffentlicht 20.09.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:25

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

8.8

CVE-2019-14821

  • EPSS 0.11%
  • Veröffentlicht 19.09.2019 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:27:25

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wher...