Vulnerabilities > Linux > Linux Kernel > 4.9.167

DATE CVE VULNERABILITY TITLE RISK
2020-11-20 CVE-2020-28974 Out-of-bounds Read vulnerability in multiple products
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095.
local
low complexity
linux debian CWE-125
6.1
2020-11-19 CVE-2020-28941 Release of Invalid Pointer or Reference vulnerability in multiple products
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9.
local
low complexity
linux fedoraproject debian CWE-763
5.5
2020-11-18 CVE-2020-28915 Out-of-bounds Read vulnerability in Linux Kernel
A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.
local
low complexity
linux CWE-125
6.1
2020-11-17 CVE-2020-25705 Use of Insufficiently Random Values vulnerability in multiple products
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports.
network
linux redhat CWE-330
5.8
2020-11-06 CVE-2020-27152 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2.
local
low complexity
linux CWE-835
2.1
2020-10-22 CVE-2020-27675 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x.
local
high complexity
linux fedoraproject debian CWE-416
4.7
2020-10-22 CVE-2020-27673 An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x.
local
low complexity
linux debian opensuse xen
5.5
2020-10-16 CVE-2020-27194 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.8.15.
local
low complexity
linux CWE-119
2.1
2020-10-13 CVE-2020-25645 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.9-rc7.
network
low complexity
linux debian netapp opensuse canonical CWE-319
5.0
2020-10-06 CVE-2020-25643 Improper Input Validation vulnerability in multiple products
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7.
7.2