Vulnerabilities > Linux > Linux Kernel > 2.1.1

DATE CVE VULNERABILITY TITLE RISK
2019-12-03 CVE-2019-19524 Use After Free vulnerability in multiple products
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
low complexity
linux debian canonical CWE-416
4.6
2019-12-03 CVE-2019-19523 Use After Free vulnerability in multiple products
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
low complexity
linux debian opensuse CWE-416
4.6
2019-11-30 CVE-2019-19462 NULL Pointer Dereference vulnerability in multiple products
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
local
low complexity
linux netapp canonical opensuse debian CWE-476
5.5
2019-11-27 CVE-2019-18660 Information Exposure vulnerability in multiple products
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58.
4.7
2019-11-25 CVE-2019-19252 Out-of-bounds Read vulnerability in Linux Kernel
vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.
local
low complexity
linux CWE-125
7.8
2019-11-25 CVE-2019-18675 Integer Overflow or Wraparound vulnerability in Linux Kernel
The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation.
local
low complexity
linux CWE-190
7.8
2019-11-22 CVE-2019-19227 NULL Pointer Dereference vulnerability in Linux Kernel
In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL.
local
low complexity
linux CWE-476
2.1
2019-11-21 CVE-2019-19037 NULL Pointer Dereference vulnerability in Linux Kernel
ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.
network
linux CWE-476
4.3
2019-11-21 CVE-2019-19039 Information Exposure Through Log Files vulnerability in multiple products
__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program.
local
low complexity
linux debian canonical CWE-532
5.5
2019-11-21 CVE-2019-19036 NULL Pointer Dereference vulnerability in Linux Kernel
btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.
network
linux CWE-476
4.3