Vulnerabilities > Linux > Linux Kernel > 4.14.188
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-21 | CVE-2019-9857 | Memory Leak vulnerability in Linux Kernel In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). | 5.5 |
2019-03-21 | CVE-2019-7222 | The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. | 5.5 |
2019-03-21 | CVE-2019-7221 | Use After Free vulnerability in multiple products The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. | 7.8 |
2019-03-21 | CVE-2018-19985 | Out-of-bounds Read vulnerability in multiple products The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space. | 4.6 |
2019-02-01 | CVE-2019-7308 | Numeric Errors vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. | 5.6 |
2019-01-07 | CVE-2019-5489 | Cleartext Transmission of Sensitive Information vulnerability in multiple products The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. | 5.5 |
2019-01-03 | CVE-2019-3701 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. | 4.4 |
2018-12-27 | CVE-2018-20511 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel before 4.18.11. | 5.5 |
2018-12-17 | CVE-2018-20169 | Resource Exhaustion vulnerability in multiple products An issue was discovered in the Linux kernel before 4.19.9. | 6.8 |
2018-12-12 | CVE-2018-18397 | Incorrect Authorization vulnerability in multiple products The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c. | 5.5 |