Vulnerabilities > Linux > Linux Kernel > 4.9.191

DATE CVE VULNERABILITY TITLE RISK
2020-10-06 CVE-2020-25643 Improper Input Validation vulnerability in multiple products
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7.
7.2
2020-10-06 CVE-2020-25641 Infinite Loop vulnerability in multiple products
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7.
local
low complexity
linux redhat opensuse debian canonical CWE-835
5.5
2020-09-16 CVE-2020-14386 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel before 5.9-rc4.
local
low complexity
linux debian fedoraproject opensuse CWE-787
7.8
2020-09-16 CVE-2020-10781 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory.
local
low complexity
linux debian CWE-732
5.5
2020-09-16 CVE-2020-10768 Unspecified vulnerability in Linux Kernel
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled.
local
low complexity
linux
5.5
2020-09-15 CVE-2020-10767 Unspecified vulnerability in Linux Kernel
A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier).
local
low complexity
linux
5.5
2020-09-15 CVE-2020-10766 Unspecified vulnerability in Linux Kernel
A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD.
local
low complexity
linux
5.5
2020-09-15 CVE-2020-14385 Incorrect Calculation of Buffer Size vulnerability in multiple products
A flaw was found in the Linux kernel before 5.9-rc4.
local
low complexity
linux debian canonical CWE-131
5.5
2020-09-15 CVE-2020-14331 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur.
low complexity
linux redhat CWE-787
6.6
2020-09-09 CVE-2020-25211 Classic Buffer Overflow vulnerability in multiple products
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.
local
low complexity
linux debian fedoraproject CWE-120
6.0