Vulnerabilities > Linux > Linux Kernel > 4.14.123

DATE CVE VULNERABILITY TITLE RISK
2019-09-23 CVE-2019-16714 Missing Initialization of Resource vulnerability in multiple products
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.
network
low complexity
linux canonical f5 CWE-909
7.5
2019-09-20 CVE-2019-14816 There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. 7.8
2019-09-20 CVE-2019-14814 There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
local
low complexity
linux redhat debian canonical opensuse netapp
7.8
2019-09-19 CVE-2019-14821 An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. 8.8
2019-09-19 CVE-2019-16413 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.0.4.
network
low complexity
linux CWE-835
7.5
2019-09-17 CVE-2019-14835 A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. 7.8
2019-09-13 CVE-2019-15031 Improper Synchronization vulnerability in multiple products
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt.
local
low complexity
linux redhat canonical opensuse CWE-662
4.4
2019-09-13 CVE-2019-15030 Missing Authorization vulnerability in multiple products
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception.
local
low complexity
linux redhat canonical opensuse CWE-862
4.4
2019-09-06 CVE-2019-16089 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 5.2.13.
local
high complexity
linux CWE-476
4.1
2019-09-04 CVE-2019-15926 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.2.3.
network
low complexity
linux debian canonical CWE-125
critical
9.1