Vulnerabilities > Linux > Linux Kernel > 3.18.113
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-09 | CVE-2020-25212 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. | 4.4 |
2020-09-09 | CVE-2020-25211 | Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. | 6.0 |
2020-08-19 | CVE-2020-24394 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. | 7.1 |
2020-07-30 | CVE-2020-16166 | Use of Insufficiently Random Values vulnerability in multiple products The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. | 3.7 |
2020-07-15 | CVE-2020-15780 | Missing Authorization vulnerability in multiple products An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. | 7.2 |
2020-07-15 | CVE-2019-20908 | Improper Privilege Management vulnerability in multiple products An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. | 6.9 |
2020-06-18 | CVE-2020-14416 | Use After Free vulnerability in multiple products In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. | 4.7 |
2020-06-09 | CVE-2020-13974 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Linux kernel 4.4 through 5.7.1. | 7.8 |
2020-06-03 | CVE-2019-20812 | Resource Exhaustion vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.4.7. | 4.9 |
2020-06-03 | CVE-2019-20811 | An issue was discovered in the Linux kernel before 5.0.6. | 5.5 |