Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.3.7
There are 1,769 matching records.
Displaying matches 301 through 320.
Vuln ID Summary CVSS Severity
CVE-2019-17075

An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance.

Published: October 01, 2019; 5:15:11 PM -0400
V3.1: 7.5 HIGH
V2.0: 7.1 HIGH
CVE-2019-17056

llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

Published: October 01, 2019; 10:15:55 AM -0400
V3.1: 3.3 LOW
V2.0: 2.1 LOW
CVE-2019-17055

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

Published: October 01, 2019; 10:15:51 AM -0400
V3.1: 3.3 LOW
V2.0: 2.1 LOW
CVE-2019-17054

atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.

Published: October 01, 2019; 10:15:46 AM -0400
V3.1: 3.3 LOW
V2.0: 2.1 LOW
CVE-2019-17053

ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.

Published: October 01, 2019; 10:15:42 AM -0400
V3.1: 3.3 LOW
V2.0: 2.1 LOW
CVE-2019-17052

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.

Published: October 01, 2019; 10:15:40 AM -0400
V3.1: 3.3 LOW
V2.0: 2.1 LOW
CVE-2019-16994

In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.

Published: September 30, 2019; 9:15:11 AM -0400
V3.1: 4.7 MEDIUM
V2.0: 4.7 MEDIUM
CVE-2019-16921

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.

Published: September 27, 2019; 9:15:10 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-16746

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

Published: September 24, 2019; 2:15:10 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2019-16714

In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.

Published: September 23, 2019; 8:15:10 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-14816

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

Published: September 20, 2019; 3:15:11 PM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-14814

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

Published: September 20, 2019; 3:15:11 PM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-16413

An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.

Published: September 18, 2019; 8:15:10 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-15031

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.

Published: September 13, 2019; 9:15:11 AM -0400
V3.1: 4.4 MEDIUM
V2.0: 3.6 LOW
CVE-2019-15030

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.

Published: September 13, 2019; 9:15:11 AM -0400
V3.1: 4.4 MEDIUM
V2.0: 3.6 LOW
CVE-2019-16089

An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.

Published: September 06, 2019; 7:15:12 PM -0400
V3.1: 4.1 MEDIUM
V2.0: 4.7 MEDIUM
CVE-2019-15927

An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.

Published: September 04, 2019; 5:15:11 PM -0400
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-15926

An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.

Published: September 04, 2019; 5:15:11 PM -0400
V3.0: 9.1 CRITICAL
V2.0: 9.4 HIGH
CVE-2019-15925

An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.

Published: September 04, 2019; 5:15:10 PM -0400
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2018-21008

An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.

Published: September 04, 2019; 5:15:10 PM -0400
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM