Vulnerabilities > Linux > Linux Kernel > 3.14.31
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-04 | CVE-2019-17133 | Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | 9.8 |
2019-10-01 | CVE-2019-17075 | Unspecified vulnerability in Linux Kernel An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. | 7.5 |
2019-10-01 | CVE-2019-17056 | Incorrect Default Permissions vulnerability in Linux Kernel llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176. | 3.3 |
2019-10-01 | CVE-2019-17055 | Missing Authorization vulnerability in multiple products base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | 3.3 |
2019-10-01 | CVE-2019-17054 | Incorrect Default Permissions vulnerability in Linux Kernel atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c. | 3.3 |
2019-10-01 | CVE-2019-17053 | Incorrect Default Permissions vulnerability in Linux Kernel ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. | 3.3 |
2019-09-30 | CVE-2019-16994 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. | 4.7 |
2019-09-27 | CVE-2019-16921 | Improper Initialization vulnerability in Linux Kernel In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813. | 5.0 |
2019-09-24 | CVE-2019-16746 | Classic Buffer Overflow vulnerability in multiple products An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. | 9.8 |
2019-09-23 | CVE-2019-16714 | Missing Initialization of Resource vulnerability in multiple products In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. | 7.5 |