Vulnerabilities > Linux > Linux Kernel > 4.19.98

DATE CVE VULNERABILITY TITLE RISK
2019-10-01 CVE-2019-17053 Incorrect Default Permissions vulnerability in Linux Kernel
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
local
low complexity
linux CWE-276
3.3
2019-10-01 CVE-2019-17052 Incorrect Default Permissions vulnerability in multiple products
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
local
low complexity
linux debian fedoraproject canonical CWE-276
3.3
2019-09-30 CVE-2019-16994 Memory Leak vulnerability in multiple products
In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.
local
high complexity
linux redhat opensuse CWE-401
4.7
2019-09-23 CVE-2019-16714 Missing Initialization of Resource vulnerability in multiple products
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.
network
low complexity
linux canonical f5 CWE-909
7.5
2019-09-19 CVE-2019-16413 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.0.4.
network
low complexity
linux CWE-835
7.5
2019-09-13 CVE-2019-15031 Improper Synchronization vulnerability in multiple products
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt.
local
low complexity
linux redhat canonical opensuse CWE-662
4.4
2019-09-13 CVE-2019-15030 Missing Authorization vulnerability in multiple products
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception.
local
low complexity
linux redhat canonical opensuse CWE-862
4.4
2019-09-06 CVE-2019-16089 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 5.2.13.
local
high complexity
linux CWE-476
4.1
2019-09-04 CVE-2019-15924 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.0.11.
local
low complexity
linux CWE-476
5.5
2019-09-04 CVE-2019-15923 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.0.9.
local
low complexity
linux CWE-476
5.5