CVE-2019-20054
- EPSS 0.48%
- Veröffentlicht 28.12.2019 05:15:11
- Zuletzt bearbeitet 21.11.2024 04:37:58
In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
CVE-2019-19965
- EPSS 0.65%
- Veröffentlicht 25.12.2019 04:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:45
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.
CVE-2019-19966
- EPSS 0.63%
- Veröffentlicht 25.12.2019 04:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:45
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
CVE-2019-19947
- EPSS 0.49%
- Veröffentlicht 24.12.2019 00:15:10
- Zuletzt bearbeitet 21.11.2024 04:35:43
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
CVE-2019-5108
- EPSS 10.11%
- Veröffentlicht 23.12.2019 19:15:11
- Zuletzt bearbeitet 21.11.2024 04:44:22
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has c...
CVE-2019-19813
- EPSS 2.13%
- Veröffentlicht 17.12.2019 06:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:26
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner...
CVE-2019-19814
- EPSS 3.3%
- Veröffentlicht 17.12.2019 06:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:26
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-19816
- EPSS 3.29%
- Veröffentlicht 17.12.2019 06:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:26
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandl...
CVE-2019-19768
- EPSS 4.15%
- Veröffentlicht 12.12.2019 20:15:17
- Zuletzt bearbeitet 21.11.2024 04:35:20
In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).
CVE-2019-14899
- EPSS 0.84%
- Veröffentlicht 11.12.2019 15:15:14
- Zuletzt bearbeitet 21.11.2024 04:27:38
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiti...