Vulnerabilities > Linux > Linux Kernel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-25 | CVE-2019-3819 | Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. | 4.4 |
| 2019-01-07 | CVE-2019-5489 | Cleartext Transmission of Sensitive Information vulnerability in multiple products The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. | 5.5 |
| 2019-01-03 | CVE-2019-3701 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. | 4.4 |
| 2019-01-03 | CVE-2018-16885 | A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. | 5.5 |
| 2019-01-03 | CVE-2018-16882 | Use After Free vulnerability in multiple products A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. | 8.8 |
| 2018-12-27 | CVE-2018-20511 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel before 4.18.11. | 5.5 |
| 2018-12-18 | CVE-2018-16884 | A flaw was found in the Linux kernel's NFS41+ subsystem. | 8.0 |
| 2018-12-17 | CVE-2018-20169 | Resource Exhaustion vulnerability in multiple products An issue was discovered in the Linux kernel before 4.19.9. | 6.8 |
| 2018-12-12 | CVE-2018-18397 | Incorrect Authorization vulnerability in multiple products The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c. | 5.5 |
| 2018-12-06 | CVE-2018-9568 | Incorrect Type Conversion or Cast vulnerability in multiple products In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. | 7.8 |