Product:

Linux_kernel

(Linux)
Repositories https://github.com/torvalds/linux
https://github.com/mjg59/linux
https://github.com/stoth68000/media-tree
https://github.com/acpica/acpica
https://github.com/derrekr/android_security
#Vulnerabilities 7191
Date Id Summary Products Score Patch Annotated
2020-04-02 CVE-2020-11494 An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4. Ubuntu_linux, Debian_linux, Linux_kernel, Leap 4.4
2021-06-07 CVE-2019-25045 An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. Linux_kernel, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Aff_a700s_firmware, Cloud_backup, Fabric\-Attached_storage_a400_firmware, Fas_8300_firmware, Fas_8700_firmware, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware 7.8
2020-06-03 CVE-2019-20810 go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. Ubuntu_linux, Linux_kernel, Leap 5.5
2019-12-03 CVE-2019-19535 In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042. Debian_linux, Linux_kernel, Leap, Sd\-Wan_edge 4.6
2020-05-05 CVE-2020-12653 An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Cloud_backup, Element_software, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_compute_node_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap 7.8
2022-04-18 CVE-2011-4917 In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat. Linux_kernel 5.5
2020-03-24 CVE-2020-10942 In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. Ubuntu_linux, Debian_linux, Linux_kernel, Leap 5.3
2016-05-02 CVE-2016-1575 The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory. Ubuntu_core, Ubuntu_linux, Ubuntu_touch, Linux_kernel 7.8
2016-05-02 CVE-2016-1576 The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program. Ubuntu_core, Ubuntu_linux, Ubuntu_touch, Linux_kernel 7.8
2016-05-02 CVE-2016-2853 The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program. Linux_kernel 7.8