Vulnerabilities > Linux > Linux Kernel > 2.6.16.13
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-07 | CVE-2019-5489 | Cleartext Transmission of Sensitive Information vulnerability in multiple products The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. | 2.1 |
2019-01-03 | CVE-2019-3701 | Out-of-bounds Write vulnerability in Linux Kernel An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. | 4.9 |
2018-12-27 | CVE-2018-20511 | Information Exposure vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.18.11. | 2.1 |
2018-12-12 | CVE-2018-18397 | Incorrect Authorization vulnerability in multiple products The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c. | 2.1 |
2018-12-06 | CVE-2018-9568 | Incorrect Type Conversion or Cast vulnerability in multiple products In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. | 7.8 |
2018-12-04 | CVE-2018-19854 | Information Exposure vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.19.3. | 1.9 |
2018-12-03 | CVE-2018-19824 | Use After Free vulnerability in Linux Kernel In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. | 4.6 |
2018-11-26 | CVE-2018-16862 | Information Exposure vulnerability in Linux Kernel A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). | 2.1 |
2018-11-26 | CVE-2018-14646 | NULL Pointer Dereference vulnerability in Linux Kernel The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. | 4.9 |
2018-11-21 | CVE-2018-19407 | NULL Pointer Dereference vulnerability in Linux Kernel The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. | 4.9 |