Vulnerabilities > Linux > Linux Kernel > 5.1

DATE CVE VULNERABILITY TITLE RISK
2019-04-23 CVE-2019-11487 Use After Free vulnerability in multiple products
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists.
local
low complexity
linux debian canonical CWE-416
7.8
2019-04-22 CVE-2019-3901 Improper Locking vulnerability in multiple products
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs.
local
high complexity
linux debian netapp CWE-667
4.7
2019-04-09 CVE-2019-3887 Incorrect Authorization vulnerability in multiple products
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled.
local
high complexity
linux fedoraproject canonical redhat CWE-863
5.6
2019-03-27 CVE-2019-10125 Use After Free vulnerability in multiple products
An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4.
network
low complexity
linux netapp CWE-416
critical
10.0
2019-02-21 CVE-2019-8980 Memory Leak vulnerability in multiple products
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
network
low complexity
linux canonical opensuse debian CWE-401
7.5
2019-01-25 CVE-2019-3819 Infinite Loop vulnerability in multiple products
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace.
local
low complexity
linux debian canonical opensuse CWE-835
4.9
2018-12-17 CVE-2018-20169 Resource Exhaustion vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.19.9.
low complexity
linux canonical debian CWE-400
6.8
2018-10-08 CVE-2018-14656 Improper Input Validation vulnerability in Linux Kernel
A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log.
local
low complexity
linux CWE-20
5.5
2018-07-26 CVE-2018-10878 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
canonical linux debian redhat CWE-787
7.8
2018-05-21 CVE-2018-1108 Use of Insufficiently Random Values vulnerability in multiple products
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data.
network
high complexity
linux canonical debian CWE-330
5.9