National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:4.10.3
There are 1,285 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2019-7222

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

Published: March 21, 2019; 12:01:11 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2019-7221

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

Published: March 21, 2019; 12:01:10 PM -04:00
V3.0: 7.8 HIGH
    V2: 4.6 MEDIUM
CVE-2018-20669

An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.

Published: March 21, 2019; 12:00:37 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2018-19985

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.

Published: March 21, 2019; 12:00:33 PM -04:00
V3.0: 4.6 MEDIUM
    V2: 2.1 LOW
CVE-2019-9003

In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.

Published: February 22, 2019; 10:29:00 AM -05:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2018-20784

In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.

Published: February 22, 2019; 10:29:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-8980

A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.

Published: February 21, 2019; 12:29:01 AM -05:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-8912

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

Published: February 18, 2019; 01:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2019-6974

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

Published: February 15, 2019; 10:29:00 AM -05:00
V3.0: 8.1 HIGH
    V2: 6.8 MEDIUM
CVE-2019-7308

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.

Published: February 01, 2019; 05:29:00 PM -05:00
V3.0: 5.6 MEDIUM
    V2: 4.7 MEDIUM
CVE-2017-18360

In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.

Published: January 31, 2019; 04:29:00 AM -05:00
V3.0: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2019-5489

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.

Published: January 07, 2019; 12:29:00 PM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2019-3701

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame modification rule that makes the data length code a higher value than the available CAN frame data size. In combination with a configured checksum calculation where the result is stored relatively to the end of the data (e.g. cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in skb_shared_info) can be rewritten which finally can cause a system crash. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames.

Published: January 03, 2019; 11:29:00 AM -05:00
V3.0: 4.4 MEDIUM
    V2: 4.9 MEDIUM
CVE-2018-16882

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.

Published: January 03, 2019; 11:29:00 AM -05:00
V3.0: 8.8 HIGH
    V2: 7.2 HIGH
CVE-2018-20511

An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.

Published: December 27, 2018; 09:29:00 AM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2018-20169

An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.

Published: December 17, 2018; 02:29:00 AM -05:00
V3.0: 6.8 MEDIUM
    V2: 7.2 HIGH
CVE-2018-18397

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.

Published: December 12, 2018; 05:29:00 AM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2018-19854

An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).

Published: December 04, 2018; 11:29:00 AM -05:00
V3.0: 4.7 MEDIUM
    V2: 1.9 LOW
CVE-2018-19824

In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.

Published: December 03, 2018; 12:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 4.6 MEDIUM
CVE-2018-16862

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.

Published: November 26, 2018; 02:29:00 PM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW