Vulnerabilities > Linux > Linux Kernel > 4.9.167

DATE CVE VULNERABILITY TITLE RISK
2019-08-13 CVE-2017-18509 Improper Input Validation vulnerability in multiple products
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11.
local
low complexity
linux debian canonical CWE-20
7.8
2019-08-07 CVE-2019-14763 Improper Locking vulnerability in multiple products
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.
local
low complexity
linux canonical CWE-667
5.5
2019-07-30 CVE-2018-16871 A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20.
network
low complexity
linux redhat netapp
7.5
2019-07-26 CVE-2019-14284 Divide By Zero vulnerability in Linux Kernel
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero.
local
low complexity
linux CWE-369
6.2
2019-07-26 CVE-2019-14283 Integer Overflow or Wraparound vulnerability in Linux Kernel
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read.
low complexity
linux CWE-190
6.8
2019-07-26 CVE-2018-20856 Use After Free vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 4.18.7.
local
low complexity
linux CWE-416
7.8
2019-07-26 CVE-2018-20855 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.18.7.
local
low complexity
linux opensuse netapp CWE-119
3.3
2019-07-19 CVE-2019-13648 Resource Management Errors vulnerability in Linux Kernel
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame.
local
low complexity
linux CWE-399
5.5
2019-07-17 CVE-2019-13631 Out-of-bounds Write vulnerability in Linux Kernel
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
low complexity
linux CWE-787
6.8
2019-07-17 CVE-2019-13272 In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). 7.8