CVE-2019-11190
- EPSS 0.49%
- Veröffentlicht 12.04.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:20:41
The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition wh...
CVE-2019-11191
- EPSS 0.5%
- Veröffentlicht 12.04.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:20:42
The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aou...
CVE-2019-3874
- EPSS 1.77%
- Veröffentlicht 25.03.2019 19:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:46
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
CVE-2018-19985
- EPSS 0.96%
- Veröffentlicht 21.03.2019 16:00:33
- Zuletzt bearbeitet 21.11.2024 03:58:56
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitr...
CVE-2016-10741
- EPSS 0.31%
- Veröffentlicht 01.02.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 02:44:38
In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of ...
CVE-2019-5489
- EPSS 0.77%
- Veröffentlicht 07.01.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:45:02
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this af...
CVE-2018-16885
- EPSS 0.43%
- Veröffentlicht 03.01.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:31
A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault...
CVE-2019-3701
- EPSS 0.7%
- Veröffentlicht 03.01.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:21
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_AD...
CVE-2018-20511
- EPSS 0.45%
- Veröffentlicht 27.12.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:01:38
An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next f...
- EPSS 1.46%
- Veröffentlicht 18.12.2018 22:29:04
- Zuletzt bearbeitet 21.11.2024 03:53:31
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container ...