Vulnerabilities > Linux > Linux Kernel > 2.6.15.4

DATE CVE VULNERABILITY TITLE RISK
2020-04-09 CVE-2020-11668 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
local
low complexity
linux CWE-476
5.6
2020-04-08 CVE-2019-20636 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.
local
low complexity
linux netapp CWE-787
6.7
2020-04-07 CVE-2020-11609 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1.
local
low complexity
linux canonical CWE-476
4.9
2020-04-07 CVE-2020-11608 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.1.
local
low complexity
linux canonical CWE-476
4.9
2020-04-06 CVE-2020-11565 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.2.
local
low complexity
linux canonical CWE-787
6.0
2020-03-24 CVE-2020-10942 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
5.4
2020-02-20 CVE-2011-4915 Information Exposure vulnerability in Linux Kernel
fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.
local
low complexity
linux canonical debian CWE-200
2.1
2020-02-20 CVE-2011-2498 Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel
The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.
local
low complexity
linux canonical CWE-772
4.9
2020-02-19 CVE-2012-0055 Missing Authorization vulnerability in Linux Kernel
OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.
local
low complexity
linux canonical CWE-862
7.2
2020-02-14 CVE-2020-8992 Excessive Iteration vulnerability in multiple products
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.
local
low complexity
linux canonical opensuse netapp CWE-834
4.9