Vulnerabilities > Linux > Linux Kernel > 4.1.41
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-26088 | Incorrect Default Permissions vulnerability in multiple products A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. | 2.1 |
| 2020-09-18 | CVE-2020-14390 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.9-rc6. | 4.6 |
| 2020-09-16 | CVE-2020-10781 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. | 5.5 |
| 2020-09-16 | CVE-2020-10768 | Unspecified vulnerability in Linux Kernel A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. | 5.5 |
| 2020-09-15 | CVE-2020-10767 | Unspecified vulnerability in Linux Kernel A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). | 5.5 |
| 2020-09-15 | CVE-2020-10766 | Unspecified vulnerability in Linux Kernel A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. | 5.5 |
| 2020-09-15 | CVE-2020-14385 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. | 5.5 |
| 2020-09-15 | CVE-2020-14331 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. | 6.6 |
| 2020-09-13 | CVE-2020-25285 | NULL Pointer Dereference vulnerability in multiple products A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812. | 4.4 |
| 2020-09-13 | CVE-2020-25284 | Incorrect Authorization vulnerability in multiple products The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. | 1.9 |