Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:5.1.2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-17053 |
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. Published: October 01, 2019; 10:15:42 AM -0400 |
V3.1: 3.3 LOW V2.0: 2.1 LOW |
CVE-2019-17052 |
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. Published: October 01, 2019; 10:15:40 AM -0400 |
V3.1: 3.3 LOW V2.0: 2.1 LOW |
CVE-2019-16746 |
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. Published: September 24, 2019; 2:15:10 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-16714 |
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. Published: September 23, 2019; 8:15:10 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-14816 |
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Published: September 20, 2019; 3:15:11 PM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-14814 |
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Published: September 20, 2019; 3:15:11 PM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-15031 |
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c. Published: September 13, 2019; 9:15:11 AM -0400 |
V3.1: 4.4 MEDIUM V2.0: 3.6 LOW |
CVE-2019-15030 |
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check. Published: September 13, 2019; 9:15:11 AM -0400 |
V3.1: 4.4 MEDIUM V2.0: 3.6 LOW |
CVE-2019-16089 |
An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value. Published: September 06, 2019; 7:15:12 PM -0400 |
V3.1: 4.1 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2019-15926 |
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. Published: September 04, 2019; 5:15:11 PM -0400 |
V3.1: 9.1 CRITICAL V2.0: 9.4 HIGH |
CVE-2019-15925 |
An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c. Published: September 04, 2019; 5:15:10 PM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-15807 |
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service. Published: August 29, 2019; 2:15:12 PM -0400 |
V3.1: 4.7 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2019-15505 |
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). Published: August 23, 2019; 2:15:10 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2019-15504 |
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir). Published: August 23, 2019; 2:15:10 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2019-15291 |
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. Published: August 20, 2019; 10:15:11 AM -0400 |
V3.0: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15223 |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. Published: August 19, 2019; 6:15:12 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15222 |
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15221 |
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15220 |
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15219 |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |