Vulnerabilities > Linux > Linux Kernel > 4.9.215

DATE CVE VULNERABILITY TITLE RISK
2019-01-07 CVE-2019-5489 Cleartext Transmission of Sensitive Information vulnerability in multiple products
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information.
local
low complexity
linux netapp CWE-319
2.1
2019-01-03 CVE-2019-3701 Out-of-bounds Write vulnerability in Linux Kernel
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13.
local
low complexity
linux debian canonical CWE-787
4.9
2018-12-27 CVE-2018-20511 Information Exposure vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 4.18.11.
local
low complexity
linux debian CWE-200
2.1
2018-12-17 CVE-2018-20169 Resource Exhaustion vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.19.9.
low complexity
linux canonical debian CWE-400
6.8
2018-12-12 CVE-2018-18397 Incorrect Authorization vulnerability in multiple products
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.
local
low complexity
linux redhat canonical CWE-863
2.1
2018-12-04 CVE-2018-19854 Information Exposure vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 4.19.3.
1.9
2018-12-03 CVE-2018-19824 Use After Free vulnerability in Linux Kernel
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
local
low complexity
linux canonical debian CWE-416
4.6
2018-11-26 CVE-2018-16862 Information Exposure vulnerability in Linux Kernel
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal).
local
low complexity
linux redhat canonical debian CWE-200
2.1
2018-11-26 CVE-2018-14646 NULL Pointer Dereference vulnerability in Linux Kernel
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file.
local
low complexity
linux redhat CWE-476
4.9
2018-11-21 CVE-2018-19407 NULL Pointer Dereference vulnerability in Linux Kernel
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
local
low complexity
linux canonical CWE-476
4.9