Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_kernel
(Linux)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/mjg59/linux • https://github.com/stoth68000/media-tree • https://github.com/acpica/acpica • https://github.com/derrekr/android_security |
| #Vulnerabilities | 7191 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-01-14 | CVE-2017-15126 | A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put(). | Linux_kernel | 8.1 | ||
| 2002-07-26 | CVE-2002-0704 | The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages. | Linux_kernel | 7.5 | ||
| 2019-08-16 | CVE-2019-15118 | check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. | Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Data_availability_services, H410c_firmware, Hci_management_node, Solidfire, Solidfire_baseboard_management_controller_firmware, Leap | 5.5 | ||
| 2005-10-12 | CVE-2005-3119 | Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys. | Linux_kernel | N/A | ||
| 2010-05-07 | CVE-2010-1437 | Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function. | Debian_linux, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_high_availability_extension, Linux_enterprise_server | 7.0 | ||
| 2013-04-29 | CVE-2013-3301 | The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call. | Linux_kernel, Enterprise_linux, Enterprise_mrg, Linux_enterprise_desktop, Linux_enterprise_high_availability_extension, Linux_enterprise_server | N/A | ||
| 2014-09-28 | CVE-2014-3631 | The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation. | Linux_kernel | N/A | ||
| 2001-04-17 | CVE-2001-1391 | Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory. | Linux_kernel | 5.5 | ||
| 2005-12-31 | CVE-2005-3623 | nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems. | Linux_kernel | N/A | ||
| 2013-12-14 | CVE-2013-4587 | Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value. | Linux_kernel, Opensuse | N/A |