Vulnerabilities > Linux > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-22 | CVE-2019-9003 | Use After Free vulnerability in multiple products In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop. | 7.5 |
2019-02-21 | CVE-2019-8980 | Memory Leak vulnerability in multiple products A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures. | 7.5 |
2019-02-18 | CVE-2019-8912 | Use After Free vulnerability in multiple products In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. | 7.8 |
2019-02-15 | CVE-2019-6974 | Use After Free vulnerability in multiple products In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. | 8.1 |
2019-01-29 | CVE-2018-16880 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. | 7.0 |
2019-01-03 | CVE-2018-16882 | Use After Free vulnerability in multiple products A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. | 8.8 |
2018-12-18 | CVE-2018-16884 | Use After Free vulnerability in multiple products A flaw was found in the Linux kernel's NFS41+ subsystem. | 8.0 |
2018-12-06 | CVE-2018-9568 | Incorrect Type Conversion or Cast vulnerability in multiple products In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. | 7.8 |
2018-12-03 | CVE-2018-19824 | Use After Free vulnerability in multiple products In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. | 7.8 |
2018-11-16 | CVE-2018-18955 | Incorrect Authorization vulnerability in multiple products In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. | 7.0 |