Linux

Linux Kernel

12201 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2017-18379

  • EPSS 0.8%
  • Veröffentlicht 27.07.2019 22:15:11
  • Zuletzt bearbeitet 21.11.2024 03:19:58

In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.

9.8

CVE-2007-6762

  • EPSS 0.8%
  • Veröffentlicht 27.07.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 00:40:56

In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.

6.8

CVE-2019-14283

  • EPSS 0.05%
  • Veröffentlicht 26.07.2019 13:15:13
  • Zuletzt bearbeitet 21.11.2024 04:26:22

In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk h...

6.2

CVE-2019-14284

  • EPSS 0.05%
  • Veröffentlicht 26.07.2019 13:15:13
  • Zuletzt bearbeitet 21.11.2024 04:26:22

In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make...

7.8

CVE-2018-20854

  • EPSS 0.07%
  • Veröffentlicht 26.07.2019 05:15:10
  • Zuletzt bearbeitet 21.11.2024 04:02:19

An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read.

3.3

CVE-2018-20855

  • EPSS 0.11%
  • Veröffentlicht 26.07.2019 05:15:10
  • Zuletzt bearbeitet 21.11.2024 04:02:19

An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.

7.8

CVE-2018-20856

  • EPSS 0.1%
  • Veröffentlicht 26.07.2019 05:15:10
  • Zuletzt bearbeitet 21.11.2024 04:02:19

An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.

5.5

CVE-2019-13648

  • EPSS 0.09%
  • Veröffentlicht 19.07.2019 13:15:12
  • Zuletzt bearbeitet 21.11.2024 04:25:26

In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal ...

6.8

CVE-2019-13631

  • EPSS 0.02%
  • Veröffentlicht 17.07.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:24

In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.

7.8

CVE-2019-13272

Warnung Exploit
  • EPSS 81.24%
  • Veröffentlicht 17.07.2019 13:15:10
  • Zuletzt bearbeitet 03.04.2025 20:28:35

In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with...