Product:

Linux_kernel

(Linux)
Date Id Summary Products Score Patch Annotated
2019-09-13 CVE-2019-15030 In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check. Ubuntu_linux, Linux_kernel, Leap, Enterprise_linux N/A
2019-08-19 CVE-2019-15214 An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c. Ubuntu_linux, Linux_kernel, Leap N/A
2020-02-19 CVE-2012-0055 OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. Ubuntu_linux, Linux_kernel N/A
2020-02-20 CVE-2011-4915 fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts. Ubuntu_linux, Debian_linux, Linux_kernel N/A
2020-02-20 CVE-2011-2498 The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages. Ubuntu_linux, Linux_kernel N/A
2020-02-20 CVE-2011-0699 Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value. Linux_kernel N/A
2020-02-12 CVE-2012-0810 The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention. Linux_kernel N/A
2020-02-11 CVE-2009-4067 Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system. Linux_kernel, Enterprise_linux N/A
2020-01-15 CVE-2007-4774 The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process. Linux_kernel N/A
2020-01-29 CVE-2020-8428 fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed. Linux_kernel N/A