Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_kernel
(Linux)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/mjg59/linux • https://github.com/stoth68000/media-tree • https://github.com/acpica/acpica • https://github.com/derrekr/android_security |
| #Vulnerabilities | 7191 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-07-12 | CVE-2011-4916 | Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*. | Linux_kernel | 5.5 | ||
| 2019-12-23 | CVE-2019-5108 | An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can... | Ubuntu_linux, Debian_linux, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Sd\-Wan_edge | 6.5 | ||
| 2020-04-02 | CVE-2020-11494 | An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4. | Ubuntu_linux, Debian_linux, Linux_kernel, Leap | 4.4 | ||
| 2021-06-07 | CVE-2019-25045 | An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. | Linux_kernel, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Aff_a700s_firmware, Cloud_backup, Fabric\-Attached_storage_a400_firmware, Fas_8300_firmware, Fas_8700_firmware, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware | 7.8 | ||
| 2020-06-03 | CVE-2019-20810 | go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. | Ubuntu_linux, Linux_kernel, Leap | 5.5 | ||
| 2019-12-03 | CVE-2019-19535 | In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042. | Debian_linux, Linux_kernel, Leap, Sd\-Wan_edge | 4.6 | ||
| 2020-05-05 | CVE-2020-12653 | An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. | Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Cloud_backup, Element_software, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_compute_node_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap | 7.8 | ||
| 2022-04-18 | CVE-2011-4917 | In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat. | Linux_kernel | 5.5 | ||
| 2020-03-24 | CVE-2020-10942 | In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. | Ubuntu_linux, Debian_linux, Linux_kernel, Leap | 5.3 | ||
| 2016-05-02 | CVE-2016-1575 | The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory. | Ubuntu_core, Ubuntu_linux, Ubuntu_touch, Linux_kernel | 7.8 |