Note:
This project will be discontinued after December 13, 2021. [more]
Main entries ~3682 :
Remaining NVD entries (unprocessed / no code available): ~284107 :
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-08-07 | CVE-2006-3635 | The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of invalid Register Stack Engine (RSE) state. | Linux_kernel | 5.5 | ||
| 2016-05-02 | CVE-2008-7316 | mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length. | Linux_kernel | 5.5 | ||
| 2017-04-24 | CVE-2007-6761 | drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobuf leak via unspecified vectors, a different vulnerability than CVE-2010-5321. | Linux_kernel | 7.8 | ||
| 2017-10-29 | CVE-2006-5331 | The altivec_unavailable_exception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIG_ALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detected by the kernel, which allows local users to cause a denial of service (panic) by triggering execution of an Altivec instruction. | Linux_kernel | 5.5 | ||
| 2012-06-21 | CVE-2010-4250 | Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files. | Linux_kernel | N/A | ||
| 2012-06-21 | CVE-2011-1023 | The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or (2) an InfiniBand (aka ib) transmit operation. | Linux_kernel | N/A | ||
| 2012-06-21 | CVE-2011-1021 | drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347. | Linux_kernel | N/A |
| Date | Id | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2020-12-15 | CVE-2020-8938 | An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to FromkLinuxSockAddr with attacker controlled content and size of klinux_addr which allows an attacker to write memory values from within the enclave. We recommend upgrading past commit a37fb6a0e7daf30134dbbf357c9a518a1026aa02 | Asylo | 3.3 | |
| 2020-12-11 | CVE-2020-27825 | A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. | Debian_linux, Linux_kernel, Cloud_backup, H410c_firmware, Solidfire_baseboard_management_controller_firmware, Enterprise_linux, Enterprise_mrg | 5.7 | |
| 2020-12-11 | CVE-2020-7789 | This affects the package node-notifier before 9.0.0. It allows an attacker to run arbitrary commands on Linux machines due to the options params not being sanitised when being passed an array. | Node\-Notifier | 5.6 | |
| 2020-12-11 | CVE-2020-27786 | A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | Linux_kernel, Cloud_backup, Solidfire_baseboard_management_controller, Enterprise_linux, Enterprise_mrg, Openshift_container_platform | 7.8 | |
| 2020-12-10 | CVE-2020-26201 | Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. This allows an attacker to gain unauthorized access as an admin or root user to the device Operating System via Telnet or SSH. | Ap5100w_firmware | 9.8 | |
| 2020-12-09 | CVE-2020-29660 | A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. | Fabric_operating_system, Debian_linux, Fedora, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, H410c_firmware, Solidfire_baseboard_management_controller_firmware | 4.4 | |
| 2020-12-09 | CVE-2020-29661 | A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b. | Fabric_operating_system, Debian_linux, Fedora, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, H410c_firmware, Solidfire_baseboard_management_controller_firmware, Tekelec_platform_distribution | 7.8 |