Linux

Linux Kernel

14023 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2018-20836

  • EPSS 3.89%
  • Veröffentlicht 07.05.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:02:16

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.

7.8

CVE-2019-11810

  • EPSS 1.84%
  • Veröffentlicht 07.05.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:48

An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a ...

7

CVE-2019-11811

  • EPSS 0.07%
  • Veröffentlicht 07.05.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:48

An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and ...

10

CVE-2019-11683

  • EPSS 10.38%
  • Veröffentlicht 02.05.2019 17:29:02
  • Zuletzt bearbeitet 21.11.2024 04:21:35

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 pay...

5.5

CVE-2018-20509

  • EPSS 0.06%
  • Veröffentlicht 30.04.2019 18:29:07
  • Zuletzt bearbeitet 21.11.2024 04:01:38

The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.

5.5

CVE-2018-20510

  • EPSS 0.06%
  • Veröffentlicht 30.04.2019 18:29:07
  • Zuletzt bearbeitet 21.11.2024 04:01:38

The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.

7

CVE-2019-11599

Exploit
  • EPSS 0.52%
  • Veröffentlicht 29.04.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:25

The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or p...

7.7

CVE-2019-3900

  • EPSS 0.08%
  • Veröffentlicht 25.04.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:49

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest ...

5.5

CVE-2019-3882

  • EPSS 0.03%
  • Veröffentlicht 24.04.2019 16:29:02
  • Zuletzt bearbeitet 21.11.2024 04:42:47

A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of th...

7

CVE-2019-11486

  • EPSS 0.05%
  • Veröffentlicht 23.04.2019 22:29:05
  • Zuletzt bearbeitet 21.11.2024 04:21:10

The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.