Vulnerabilities > Linux > Linux Kernel > 4.19.69

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-0145 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
local
low complexity
intel linux CWE-120
7.8
2019-11-14 CVE-2019-18885 NULL Pointer Dereference vulnerability in Linux Kernel
fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15.
local
low complexity
linux CWE-476
2.1
2019-11-07 CVE-2019-18813 Memory Leak vulnerability in multiple products
A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.
network
low complexity
linux canonical CWE-401
7.5
2019-11-07 CVE-2019-18807 Memory Leak vulnerability in Linux Kernel
Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11.
network
low complexity
linux CWE-401
5.0
2019-11-07 CVE-2019-18806 Memory Leak vulnerability in Linux Kernel
A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f.
local
low complexity
linux CWE-401
2.1
2019-11-06 CVE-2019-18786 Use of Uninitialized Resource vulnerability in multiple products
In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.
local
low complexity
linux canonical CWE-908
2.1
2019-10-17 CVE-2019-17666 Classic Buffer Overflow vulnerability in multiple products
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
low complexity
linux debian canonical CWE-120
8.8
2019-10-08 CVE-2019-17351 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.
local
low complexity
xen linux CWE-770
4.9
2019-10-04 CVE-2019-17133 Classic Buffer Overflow vulnerability in multiple products
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
network
low complexity
linux debian canonical opensuse CWE-120
critical
9.8
2019-10-01 CVE-2019-17075 Unspecified vulnerability in Linux Kernel
An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2.
network
low complexity
linux
7.5