Filtered by vendor Linux
Subscribe
Total
6322 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-0567 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32125310. References: B-RB#112575. | |||||
| CVE-2017-0608 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35400458. References: QC-CR#1098363. | |||||
| CVE-2017-0436 | 2 Google, Linux | 2 Android, Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32624661. References: QC-CR#1078000. | |||||
| CVE-2018-12828 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Mac Os X, Chrome Os and 7 more | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2017-0528 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-33351919. | |||||
| CVE-2017-0572 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-34198931. References: B-RB#112597. | |||||
| CVE-2017-0610 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35399404. References: QC-CR#1094852. | |||||
| CVE-2019-16921 | 1 Linux | 1 Linux Kernel | 2019-09-27 | 5.0 MEDIUM | 7.5 HIGH |
| In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813. | |||||
| CVE-2018-21008 | 1 Linux | 1 Linux Kernel | 2019-09-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. | |||||
| CVE-2019-15924 | 1 Linux | 1 Linux Kernel | 2019-09-14 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure. | |||||
| CVE-2018-19824 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-09-10 | 4.6 MEDIUM | 7.8 HIGH |
| In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. | |||||
| CVE-2019-15291 | 1 Linux | 1 Linux Kernel | 2019-09-06 | 4.9 MEDIUM | 4.6 MEDIUM |
| An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. | |||||
| CVE-2019-3701 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-09-03 | 4.9 MEDIUM | 4.4 MEDIUM |
| An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame modification rule that makes the data length code a higher value than the available CAN frame data size. In combination with a configured checksum calculation where the result is stored relatively to the end of the data (e.g. cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in skb_shared_info) can be rewritten which finally can cause a system crash. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames. | |||||
| CVE-2018-19985 | 3 Debian, Linux, Netapp | 4 Debian Linux, Linux Kernel, Active Iq Performance Analytics Services and 1 more | 2019-09-03 | 2.1 LOW | 4.6 MEDIUM |
| The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space. | |||||
| CVE-2017-18550 | 1 Linux | 1 Linux Kernel | 2019-08-23 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure. | |||||
| CVE-2017-18549 | 1 Linux | 1 Linux Kernel | 2019-08-23 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_send_raw_srb does not initialize the reply structure. | |||||
| CVE-2007-2764 | 2 Brocade, Linux | 9 Silkworm 12000 Director, Silkworm 200e Switch, Silkworm 24000 Director and 6 more | 2019-08-14 | 7.8 HIGH | N/A |
| The embedded Linux kernel in certain Sun-Brocade SilkWorm switches before 20070516 does not properly handle a situation in which a non-root user creates a kernel process, which allows attackers to cause a denial of service (oops and device reboot) via unspecified vectors. | |||||
| CVE-2018-14617 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-08-13 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. | |||||
| CVE-2018-14615 | 1 Linux | 1 Linux Kernel | 2019-08-13 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative. | |||||
| CVE-2018-14609 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-08-13 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized. | |||||