Vulnerabilities > Linux > Linux Kernel > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-10 | CVE-2020-16120 | Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. | 2.1 |
2020-11-28 | CVE-2020-29371 | Use of Uninitialized Resource vulnerability in Linux Kernel An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. | 2.1 |
2020-11-28 | CVE-2020-29373 | Path Traversal vulnerability in Linux Kernel An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. | 2.1 |
2020-11-28 | CVE-2020-29374 | Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. | 3.6 |
2020-11-23 | CVE-2020-12352 | Unspecified vulnerability in Linux Kernel Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. low complexity linux | 3.3 |
2020-11-06 | CVE-2020-27152 | Infinite Loop vulnerability in Linux Kernel An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. | 2.1 |
2020-10-16 | CVE-2020-27194 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.8.15. | 2.1 |
2020-09-24 | CVE-2020-26088 | Incorrect Default Permissions vulnerability in multiple products A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. | 2.1 |
2020-09-13 | CVE-2020-25284 | Incorrect Authorization vulnerability in multiple products The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. | 1.9 |
2020-07-30 | CVE-2020-16166 | Use of Insufficiently Random Values vulnerability in multiple products The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. | 3.7 |