Linux

Linux Kernel

12282 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2020-24394

  • EPSS 0.02%
  • Veröffentlicht 19.08.2020 13:15:10
  • Zuletzt bearbeitet 21.11.2024 05:14:44

In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.

4.3

CVE-2020-16166

  • EPSS 1.85%
  • Veröffentlicht 30.07.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:53

The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c...

7.8

CVE-2020-15852

  • EPSS 0.16%
  • Veröffentlicht 20.07.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:18

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes ...

7.2

CVE-2020-15780

  • EPSS 0.67%
  • Veröffentlicht 15.07.2020 22:15:14
  • Zuletzt bearbeitet 21.11.2024 05:06:09

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.

6.9

CVE-2019-20908

  • EPSS 0.02%
  • Veröffentlicht 15.07.2020 22:15:13
  • Zuletzt bearbeitet 21.11.2024 04:39:39

An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.

5.5

CVE-2019-19338

  • EPSS 0.09%
  • Veröffentlicht 13.07.2020 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:34:36

A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a hos...

5.5

CVE-2020-15393

  • EPSS 0.09%
  • Veröffentlicht 29.06.2020 22:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:28

In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.

4.7

CVE-2020-14416

  • EPSS 0.09%
  • Veröffentlicht 18.06.2020 11:15:09
  • Zuletzt bearbeitet 21.11.2024 05:03:13

In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.

4.4

CVE-2020-10732

  • EPSS 0.05%
  • Veröffentlicht 12.06.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:55:57

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

7.8

CVE-2020-10757

Exploit
  • EPSS 0.41%
  • Veröffentlicht 09.06.2020 13:15:10
  • Zuletzt bearbeitet 21.11.2024 04:56:00

A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.