CVE-2020-11725
- EPSS 0.51%
- Veröffentlicht 12.04.2020 22:15:11
- Zuletzt bearbeitet 29.05.2026 21:16:37
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, ...
CVE-2019-20429
- EPSS 1.9%
- Veröffentlicht 27.01.2020 05:15:12
- Zuletzt bearbeitet 21.11.2024 04:38:27
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between spt...
CVE-2019-20425
- EPSS 1.9%
- Veröffentlicht 27.01.2020 05:15:11
- Zuletzt bearbeitet 21.11.2024 04:38:26
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustre_msg_string, there is no validation of a certain len...
CVE-2019-19815
- EPSS 2.1%
- Veröffentlicht 17.12.2019 07:15:10
- Zuletzt bearbeitet 21.11.2024 04:35:26
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.
CVE-2019-19814
- EPSS 3.3%
- Veröffentlicht 17.12.2019 06:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:26
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-14899
- EPSS 0.84%
- Veröffentlicht 11.12.2019 15:15:14
- Zuletzt bearbeitet 21.11.2024 04:27:38
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiti...
CVE-2019-19449
- EPSS 2.01%
- Veröffentlicht 08.12.2019 02:15:09
- Zuletzt bearbeitet 21.11.2024 04:34:45
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get...
CVE-2019-19378
- EPSS 2.33%
- Veröffentlicht 29.11.2019 17:15:11
- Zuletzt bearbeitet 28.05.2026 19:16:34
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19377
- EPSS 3.4%
- Veröffentlicht 29.11.2019 16:15:10
- Zuletzt bearbeitet 21.11.2024 04:34:40
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
CVE-2019-19036
- EPSS 1.84%
- Veröffentlicht 21.11.2019 02:15:23
- Zuletzt bearbeitet 21.11.2024 04:34:02
btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.