Vulnerabilities > Linux > Linux Kernel > 4.4.95

DATE CVE VULNERABILITY TITLE RISK
2019-02-01 CVE-2019-7308 Numeric Errors vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.
local
high complexity
linux canonical opensuse CWE-189
5.6
2019-02-01 CVE-2016-10741 Race Condition vulnerability in multiple products
In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure.
local
high complexity
linux debian CWE-362
4.7
2019-01-31 CVE-2017-18360 Divide By Zero vulnerability in multiple products
In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.
local
low complexity
linux canonical CWE-369
5.5
2019-01-07 CVE-2019-5489 Cleartext Transmission of Sensitive Information vulnerability in multiple products
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information.
local
low complexity
linux netapp CWE-319
5.5
2019-01-03 CVE-2019-3701 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13.
local
low complexity
linux debian canonical CWE-787
4.4
2018-12-27 CVE-2018-20511 Information Exposure vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.18.11.
local
low complexity
linux debian CWE-200
5.5
2018-12-18 CVE-2018-16884 A flaw was found in the Linux kernel's NFS41+ subsystem.
low complexity
linux redhat debian canonical
8.0
2018-12-17 CVE-2018-20169 Resource Exhaustion vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.19.9.
low complexity
linux canonical debian CWE-400
6.8
2018-12-12 CVE-2018-18397 Incorrect Authorization vulnerability in multiple products
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.
local
low complexity
linux redhat canonical CWE-863
5.5
2018-12-04 CVE-2018-19854 Information Exposure vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.19.3.
local
high complexity
linux canonical CWE-200
4.7