CVE-2020-24490
- EPSS 2.22%
- Veröffentlicht 02.02.2021 22:15:12
- Zuletzt bearbeitet 21.11.2024 05:14:54
Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.
CVE-2020-12351
- EPSS 7.69%
- Veröffentlicht 23.11.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:59:33
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-12352
- EPSS 5.71%
- Veröffentlicht 23.11.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:59:33
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-26541
- EPSS 0.53%
- Veröffentlicht 02.10.2020 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:20:02
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2020-14304
- EPSS 0.36%
- Veröffentlicht 15.09.2020 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:02:57
A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerab...
CVE-2020-15802
- EPSS 7.14%
- Veröffentlicht 11.09.2020 14:15:11
- Zuletzt bearbeitet 21.11.2024 05:06:12
Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, eit...
CVE-2020-3702
- EPSS 0.34%
- Veröffentlicht 08.09.2020 10:15:16
- Zuletzt bearbeitet 21.11.2024 05:31:36
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon A...
CVE-2020-12888
- EPSS 0.4%
- Veröffentlicht 15.05.2020 18:15:13
- Zuletzt bearbeitet 21.11.2024 05:00:29
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
CVE-2019-20794
- EPSS 0.51%
- Veröffentlicht 09.05.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:39:22
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace compon...
CVE-2020-12655
- EPSS 0.46%
- Veröffentlicht 05.05.2020 06:15:11
- Zuletzt bearbeitet 21.11.2024 05:00:00
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.