National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.28:rc5
There are 1,206 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2019-11486

The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.

Published: April 23, 2019; 06:29:05 PM -04:00
V3: 7.0 HIGH
V2: 6.9 MEDIUM
CVE-2019-11191

The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.

Published: April 11, 2019; 08:29:00 PM -04:00
V3: 2.5 LOW
V2: 1.9 LOW
CVE-2019-11190

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.

Published: April 11, 2019; 08:29:00 PM -04:00
V3: 4.7 MEDIUM
V2: 4.7 MEDIUM
CVE-2019-3460

A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.

Published: April 11, 2019; 12:29:02 PM -04:00
V3: 6.5 MEDIUM
V2: 3.3 LOW
CVE-2019-3459

A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.

Published: April 11, 2019; 12:29:02 PM -04:00
V3: 6.5 MEDIUM
V2: 3.3 LOW
CVE-2019-8956

In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.

Published: April 01, 2019; 03:29:01 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2019-10125

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

Published: March 27, 2019; 02:29:00 AM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2019-10124

An issue was discovered in the hwpoison implementation in mm/memory-failure.c in the Linux kernel before 5.0.4. When soft_offline_in_use_page() runs on a thp tail page after pmd is split, an attacker can cause a denial of service (BUG).

Published: March 27, 2019; 02:29:00 AM -04:00
V3: 7.5 HIGH
V2: 7.8 HIGH
CVE-2019-9857

In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.

Published: March 21, 2019; 12:01:17 PM -04:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2019-7222

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

Published: March 21, 2019; 12:01:11 PM -04:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2019-7221

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

Published: March 21, 2019; 12:01:10 PM -04:00
V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2018-20669

An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.

Published: March 21, 2019; 12:00:37 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2018-19985

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.

Published: March 21, 2019; 12:00:33 PM -04:00
V3: 4.6 MEDIUM
V2: 2.1 LOW
CVE-2019-9003

In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.

Published: February 22, 2019; 10:29:00 AM -05:00
V3: 7.5 HIGH
V2: 7.8 HIGH
CVE-2018-20784

In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.

Published: February 22, 2019; 10:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-8980

A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.

Published: February 21, 2019; 12:29:01 AM -05:00
V3: 7.5 HIGH
V2: 7.8 HIGH
CVE-2019-8912

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

Published: February 18, 2019; 01:29:00 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2019-6974

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

Published: February 15, 2019; 10:29:00 AM -05:00
V3: 8.1 HIGH
V2: 6.8 MEDIUM
CVE-2019-7308

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.

Published: February 01, 2019; 05:29:00 PM -05:00
V3: 5.6 MEDIUM
V2: 4.7 MEDIUM
CVE-2016-10741

In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure.

Published: February 01, 2019; 11:29:00 AM -05:00
V3: 4.7 MEDIUM
V2: 4.7 MEDIUM