- EPSS 7.07%
- Veröffentlicht 02.05.2019 17:29:02
- Zuletzt bearbeitet 21.11.2024 04:21:35
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 pay...
CVE-2018-20509
- EPSS 0.37%
- Veröffentlicht 30.04.2019 18:29:07
- Zuletzt bearbeitet 21.11.2024 04:01:38
The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.
CVE-2018-20510
- EPSS 0.41%
- Veröffentlicht 30.04.2019 18:29:07
- Zuletzt bearbeitet 21.11.2024 04:01:38
The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.
- EPSS 0.24%
- Veröffentlicht 30.04.2019 07:15:09
- Zuletzt bearbeitet 07.11.2023 03:10:16
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11599. Reason: This candidate is a reservation duplicate of CVE-2019-11599. Notes: All CVE users should reference CVE-2019-11599 instead of this candidate. All references and des...
- EPSS 0.99%
- Veröffentlicht 29.04.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:25
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or p...
CVE-2019-3900
- EPSS 4.43%
- Veröffentlicht 25.04.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:49
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest ...
CVE-2019-3882
- EPSS 0.54%
- Veröffentlicht 24.04.2019 16:29:02
- Zuletzt bearbeitet 21.11.2024 04:42:47
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of th...
- EPSS 0.37%
- Veröffentlicht 23.04.2019 22:29:05
- Zuletzt bearbeitet 21.11.2024 04:21:10
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
CVE-2019-11487
- EPSS 0.71%
- Veröffentlicht 23.04.2019 22:29:05
- Zuletzt bearbeitet 21.11.2024 04:21:11
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs...
CVE-2019-3901
- EPSS 0.34%
- Veröffentlicht 22.04.2019 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:49
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target ...