Vulnerabilities > Linux > Linux Kernel > 5.0

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2019-9857 Memory Leak vulnerability in Linux Kernel
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak).
local
low complexity
linux CWE-401
5.5
2019-02-22 CVE-2019-9003 Use After Free vulnerability in multiple products
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.
network
low complexity
linux netapp canonical opensuse CWE-416
7.5
2019-02-22 CVE-2018-20784 Infinite Loop vulnerability in multiple products
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
network
low complexity
linux canonical redhat CWE-835
critical
9.8
2019-02-21 CVE-2019-8980 Memory Leak vulnerability in multiple products
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
network
low complexity
linux canonical opensuse debian CWE-401
7.5
2019-02-18 CVE-2019-8912 Use After Free vulnerability in multiple products
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
local
low complexity
linux redhat canonical opensuse CWE-416
7.8
2019-01-25 CVE-2019-3819 Infinite Loop vulnerability in multiple products
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace.
local
low complexity
linux debian canonical opensuse CWE-835
4.4
2018-12-17 CVE-2018-20169 Resource Exhaustion vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.19.9.
low complexity
linux canonical debian CWE-400
6.8
2018-10-08 CVE-2018-14656 Unspecified vulnerability in Linux Kernel
A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log.
local
low complexity
linux
5.5
2018-09-21 CVE-2018-16597 Incorrect Authorization vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.8.
local
low complexity
linux netapp opensuse CWE-863
5.5
2018-09-11 CVE-2018-10853 Improper Privilege Management vulnerability in multiple products
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor.
local
low complexity
canonical debian linux CWE-269
7.8