Vulnerabilities > Linux > Linux Kernel > 3.15.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-21 | CVE-2019-7221 | Use After Free vulnerability in multiple products The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. | 7.8 |
2019-02-15 | CVE-2019-6974 | Use After Free vulnerability in multiple products In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. | 8.1 |
2019-02-01 | CVE-2019-7308 | Numeric Errors vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. | 5.6 |
2018-12-18 | CVE-2018-16884 | Use After Free vulnerability in multiple products A flaw was found in the Linux kernel's NFS41+ subsystem. | 8.0 |
2018-10-03 | CVE-2018-17972 | Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. | 5.5 |
2018-09-06 | CVE-2018-5391 | Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. | 7.5 |
2018-07-11 | CVE-2016-9604 | Improper Verification of Cryptographic Signature vulnerability in Linux Kernel It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. | 4.4 |
2018-07-06 | CVE-2018-13405 | Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. | 7.8 |
2018-06-21 | CVE-2016-10723 | Resource Management Errors vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 4.17.2. | 5.5 |
2018-06-12 | CVE-2018-12233 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. | 7.8 |