Vulnerabilities > Linux > Linux Kernel > 4.14.123

DATE CVE VULNERABILITY TITLE RISK
2019-06-19 CVE-2019-11479 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes.
network
low complexity
linux f5 canonical redhat CWE-770
7.5
2019-06-19 CVE-2019-11478 Resource Exhaustion vulnerability in multiple products
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences.
network
low complexity
linux f5 canonical redhat pulsesecure ivanti CWE-400
7.5
2019-06-19 CVE-2019-11477 Integer Overflow or Wraparound vulnerability in multiple products
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs).
network
low complexity
linux f5 canonical redhat pulsesecure ivanti CWE-190
7.5
2019-06-14 CVE-2019-10126 A flaw was found in the Linux kernel.
network
low complexity
linux redhat canonical debian opensuse netapp
critical
9.8
2019-06-14 CVE-2019-12819 Use After Free vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.0.
local
low complexity
linux CWE-416
5.5
2019-06-14 CVE-2019-12818 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 4.20.15.
network
low complexity
linux CWE-476
7.5
2019-06-03 CVE-2019-12615 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6.
network
low complexity
linux netapp CWE-476
7.5
2019-06-03 CVE-2019-12614 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6.
4.1
2019-06-03 CVE-2019-3846 A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. 8.8
2019-05-30 CVE-2019-12456 Unspecified vulnerability in Linux Kernel
An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5.
local
low complexity
linux
7.8