Vulnerabilities > Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-09 | CVE-2020-11668 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770. | 7.1 |
| 2020-04-02 | CVE-2020-8835 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. | 7.8 |
| 2020-02-25 | CVE-2020-9383 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. | 7.1 |
| 2020-02-20 | CVE-2011-0699 | Out-of-bounds Write vulnerability in Linux Kernel 2.6.37 Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value. | 7.0 |
| 2020-02-19 | CVE-2012-0055 | Missing Authorization vulnerability in multiple products OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. | 7.8 |
| 2020-02-06 | CVE-2020-8648 | Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | 7.1 |
| 2020-01-29 | CVE-2020-8428 | Use After Free vulnerability in Linux Kernel fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. | 7.1 |
| 2020-01-22 | CVE-2018-16267 | Improper Privilege Management vulnerability in Linux Tizen The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. | 8.1 |
| 2020-01-22 | CVE-2018-16266 | Improper Privilege Management vulnerability in Linux Tizen The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. | 8.1 |
| 2020-01-22 | CVE-2018-16263 | Improper Privilege Management vulnerability in Linux Tizen The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. | 8.8 |