Vulnerabilities > Linux > Linux Kernel > 5.3.1

DATE CVE VULNERABILITY TITLE RISK
2019-10-01 CVE-2019-17053 Incorrect Default Permissions vulnerability in Linux Kernel
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
local
low complexity
linux CWE-276
3.3
3.3
2019-10-01 CVE-2019-17052 Incorrect Default Permissions vulnerability in multiple products
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
local
low complexity
linux debian fedoraproject canonical CWE-276
3.3
3.3
2019-09-24 CVE-2019-16746 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17.
network
low complexity
linux debian canonical fedoraproject opensuse CWE-120
critical
 9.8
9.8
2019-08-19 CVE-2018-20976 Use After Free vulnerability in Linux Kernel
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18.
local
low complexity
linux CWE-416
7.8
7.8
2019-08-19 CVE-2016-10905 Use After Free vulnerability in Linux Kernel
An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8.
local
low complexity
linux CWE-416
7.8
7.8
2019-08-16 CVE-2019-15099 NULL Pointer Dereference vulnerability in multiple products
drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
network
low complexity
linux canonical CWE-476
7.5
7.5
2019-07-26 CVE-2018-20854 Out-of-bounds Read vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 4.20.
local
low complexity
linux CWE-125
7.8
7.8
2019-04-22 CVE-2019-3901 A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs.
local
high complexity
linux debian netapp
4.7
4.7
2019-04-12 CVE-2019-11190 Race Condition vulnerability in Linux Kernel
The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.
local
high complexity
linux CWE-362
4.7
4.7
2019-04-09 CVE-2019-3887 A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled.
local
high complexity
linux fedoraproject canonical redhat
5.6
5.6