Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_kernel
(Linux)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/mjg59/linux • https://github.com/stoth68000/media-tree • https://github.com/acpica/acpica • https://github.com/derrekr/android_security |
| #Vulnerabilities | 7191 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-11-07 | CVE-2019-18813 | A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8. | Ubuntu_linux, Linux_kernel | 7.5 | ||
| 2019-11-18 | CVE-2019-19044 | Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762. | Brocade_fabric_operating_system_firmware, Ubuntu_linux, Linux_kernel, Active_iq_unified_manager, Aff_baseboard_management_controller, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, Fas\/aff_baseboard_management_controller, Hci_baseboard_management_controller, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage | 7.5 | ||
| 2019-12-28 | CVE-2019-20054 | In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. | Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, Active_iq_unified_manager, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, Fas\/aff_baseboard_management_controller, H610s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller, Steelstore_cloud_integrated_storage | 5.5 | ||
| 2019-12-30 | CVE-2019-20096 | In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b. | Ubuntu_linux, Debian_linux, Linux_kernel | 5.5 | ||
| 2020-06-03 | CVE-2019-20811 | An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c. | Ubuntu_linux, Debian_linux, Linux_kernel | 5.5 | ||
| 2015-06-07 | CVE-2015-4003 | The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via a crafted packet. | Linux_kernel | N/A | ||
| 2020-01-16 | CVE-2019-9500 | The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by... | Brcmfmac_driver, Linux_kernel | 8.3 | ||
| 2017-09-12 | CVE-2017-1000251 | The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. | Debian_linux, Linux_kernel, Jetson_tk1, Jetson_tx1, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.0 | ||
| 2014-03-11 | CVE-2014-0100 | Race condition in the inet_frag_intern function in net/ipv4/inet_fragment.c in the Linux kernel through 3.13.6 allows remote attackers to cause a denial of service (use-after-free error) or possibly have unspecified other impact via a large series of fragmented ICMP Echo Request packets to a system with a heavy CPU load. | Linux_kernel | N/A | ||
| 2016-02-08 | CVE-2015-8787 | The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured interface, a related issue to CVE-2003-1604. | Linux_kernel | 9.8 |