Vulnerabilities > Linux > Linux Kernel > 4.9.128

DATE CVE VULNERABILITY TITLE RISK
2019-02-21 CVE-2019-8980 Memory Leak vulnerability in multiple products
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
network
low complexity
linux canonical opensuse debian CWE-401
7.5
2019-02-15 CVE-2019-6974 Use After Free vulnerability in multiple products
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
network
high complexity
linux debian canonical f5 redhat CWE-416
8.1
2019-02-01 CVE-2019-7308 Numeric Errors vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.
local
high complexity
linux canonical opensuse CWE-189
5.6
2019-01-31 CVE-2017-18360 Divide By Zero vulnerability in Linux Kernel
In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.
local
low complexity
linux canonical CWE-369
4.9
2019-01-07 CVE-2019-5489 Cleartext Transmission of Sensitive Information vulnerability in multiple products
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information.
local
low complexity
linux netapp CWE-319
2.1
2019-01-03 CVE-2019-3701 Out-of-bounds Write vulnerability in Linux Kernel
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13.
local
low complexity
linux debian canonical CWE-787
4.9
2018-12-27 CVE-2018-20511 Information Exposure vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 4.18.11.
local
low complexity
linux debian CWE-200
2.1
2018-12-18 CVE-2018-16884 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel's NFS41+ subsystem.
8.0
2018-12-17 CVE-2018-20169 Resource Exhaustion vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.19.9.
low complexity
linux canonical debian CWE-400
6.8
2018-12-12 CVE-2018-18397 Incorrect Authorization vulnerability in multiple products
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.
local
low complexity
linux redhat canonical CWE-863
2.1