Linux

Linux Kernel

14023 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2018-20784

  • EPSS 0.72%
  • Veröffentlicht 22.02.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:02:10

In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.

7.8

CVE-2019-9003

  • EPSS 6.77%
  • Veröffentlicht 22.02.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:47

In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.

7.8

CVE-2019-8980

  • EPSS 2.08%
  • Veröffentlicht 21.02.2019 05:29:01
  • Zuletzt bearbeitet 21.11.2024 04:50:44

A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.

7.8

CVE-2019-8912

  • EPSS 0.34%
  • Veröffentlicht 18.02.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:39

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

8.1

CVE-2019-6974

Exploit
  • EPSS 7.92%
  • Veröffentlicht 15.02.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:47:20

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

5.6

CVE-2019-7308

  • EPSS 0.03%
  • Veröffentlicht 01.02.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:47:58

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel a...

4.7

CVE-2016-10741

  • EPSS 0.07%
  • Veröffentlicht 01.02.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 02:44:38

In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of ...

5.5

CVE-2017-18360

  • EPSS 0.08%
  • Veröffentlicht 31.01.2019 09:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:55

In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.

7

CVE-2018-16880

  • EPSS 0.1%
  • Veröffentlicht 29.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:31

A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory co...

4.9

CVE-2019-3819

  • EPSS 0.01%
  • Veröffentlicht 25.01.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:36

A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up...