Vulnerabilities > Linux > Linux Kernel > 2.6.30.1

DATE CVE VULNERABILITY TITLE RISK
2019-11-06 CVE-2019-18786 Use of Uninitialized Resource vulnerability in multiple products
In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.
local
low complexity
linux canonical CWE-908
2.1
2019-10-17 CVE-2019-17666 Classic Buffer Overflow vulnerability in multiple products
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
low complexity
linux debian canonical CWE-120
8.8
2019-10-08 CVE-2019-17351 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.
local
low complexity
xen linux CWE-770
4.9
2019-10-01 CVE-2019-17056 Incorrect Default Permissions vulnerability in Linux Kernel
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
local
low complexity
linux CWE-276
3.3
2019-10-01 CVE-2019-17055 Missing Authorization vulnerability in multiple products
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
3.3
2019-10-01 CVE-2019-17054 Incorrect Default Permissions vulnerability in Linux Kernel
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
local
low complexity
linux CWE-276
3.3
2019-10-01 CVE-2019-17053 Incorrect Default Permissions vulnerability in Linux Kernel
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
local
low complexity
linux CWE-276
3.3
2019-09-30 CVE-2019-16994 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.
4.7
2019-09-27 CVE-2019-16921 Improper Initialization vulnerability in Linux Kernel
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.
network
low complexity
linux CWE-665
5.0
2019-09-24 CVE-2019-16746 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17.
network
low complexity
linux debian canonical fedoraproject opensuse CWE-120
critical
9.8