CVE-2019-19039
- EPSS 0.73%
- Veröffentlicht 21.11.2019 02:15:23
- Zuletzt bearbeitet 21.11.2024 04:34:02
__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: ...
CVE-2019-16230
- EPSS 0.37%
- Veröffentlicht 11.09.2019 16:15:11
- Zuletzt bearbeitet 28.05.2026 19:16:31
drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer states that the work queue allocation is happening duri...
CVE-2018-7191
- EPSS 0.65%
- Veröffentlicht 17.05.2019 05:29:00
- Zuletzt bearbeitet 21.11.2024 04:11:45
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev nam...
CVE-2019-7308
- EPSS 0.54%
- Veröffentlicht 01.02.2019 22:29:00
- Zuletzt bearbeitet 21.11.2024 04:47:58
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel a...
CVE-2018-16885
- EPSS 0.43%
- Veröffentlicht 03.01.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:31
A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault...
CVE-2018-17977
- EPSS 0.38%
- Veröffentlicht 08.10.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:19
The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to e...
CVE-2018-7754
- EPSS 0.38%
- Veröffentlicht 10.08.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:40
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.
CVE-2018-5995
- EPSS 0.41%
- Veröffentlicht 07.08.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:50
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.
CVE-2018-13098
- EPSS 1.29%
- Veröffentlicht 03.07.2018 10:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:25
An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.
CVE-2018-12928
- EPSS 0.4%
- Veröffentlicht 28.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:07
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.