Vulnerabilities > Linux > Linux Kernel > 4.19.138

DATE CVE VULNERABILITY TITLE RISK
2019-11-18 CVE-2019-19046 Memory Leak vulnerability in multiple products
A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20.
network
low complexity
linux fedoraproject opensuse CWE-401
6.5
2019-11-14 CVE-2019-0145 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
local
low complexity
intel linux CWE-120
7.8
2019-10-01 CVE-2019-17056 Incorrect Default Permissions vulnerability in Linux Kernel
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
local
low complexity
linux CWE-276
3.3
2019-10-01 CVE-2019-17055 Missing Authorization vulnerability in multiple products
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
3.3
2019-10-01 CVE-2019-17054 Incorrect Default Permissions vulnerability in Linux Kernel
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
local
low complexity
linux CWE-276
3.3
2019-10-01 CVE-2019-17053 Incorrect Default Permissions vulnerability in Linux Kernel
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
local
low complexity
linux CWE-276
3.3
2019-10-01 CVE-2019-17052 Incorrect Default Permissions vulnerability in multiple products
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
local
low complexity
linux debian fedoraproject canonical CWE-276
3.3
2019-09-19 CVE-2019-16413 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.0.4.
network
low complexity
linux CWE-835
7.5
2019-09-06 CVE-2019-16089 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 5.2.13.
local
high complexity
linux CWE-476
4.1
2019-08-29 CVE-2019-15807 Memory Leak vulnerability in multiple products
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails.
local
high complexity
linux redhat debian CWE-401
4.7