National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Search Type: Search All
  • Keyword (text search): linux
There are 7,743 matching records.
Displaying matches 161 through 180.
Vuln ID Summary CVSS Severity
CVE-2019-16230

drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

Published: September 11, 2019; 12:15:11 PM -04:00
V3.1: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-16229

** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id.

Published: September 11, 2019; 12:15:10 PM -04:00
V3.1: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-16089

An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.

Published: September 06, 2019; 07:15:12 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-15927

An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.

Published: September 04, 2019; 05:15:11 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2019-15926

An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.

Published: September 04, 2019; 05:15:11 PM -04:00
V3.0: 9.1 CRITICAL
    V2: 9.4 HIGH
CVE-2019-15925

An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.

Published: September 04, 2019; 05:15:10 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2018-21008

An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.

Published: September 04, 2019; 05:15:10 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2017-18595

An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.

Published: September 04, 2019; 05:15:10 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2019-15924

An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.

Published: September 04, 2019; 03:15:12 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2019-15923

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.

Published: September 04, 2019; 03:15:12 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2019-15922

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.

Published: September 04, 2019; 03:15:12 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2019-15921

An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.

Published: September 04, 2019; 03:15:12 PM -04:00
V3.0: 7.8 HIGH
    V2: 4.6 MEDIUM
CVE-2019-15920

An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.

Published: September 04, 2019; 03:15:12 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2019-15919

An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.

Published: September 04, 2019; 03:15:12 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2019-15918

An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.

Published: September 04, 2019; 03:15:12 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2019-15917

An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.

Published: September 04, 2019; 03:15:11 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2019-15916

An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.

Published: September 04, 2019; 11:15:11 AM -04:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-15902

A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.

Published: September 04, 2019; 02:15:10 AM -04:00
V3.1: 5.6 MEDIUM
    V2: 4.7 MEDIUM
CVE-2019-15807

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

Published: August 29, 2019; 02:15:12 PM -04:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-15753

In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet flooding of non-local destinations, which both impedes network performance and allows users to possibly view the content of packets for instances belonging to other tenants sharing the same network. Only deployments using the linuxbridge backend are affected. This occurs in PyRoute2.add() in internal/command/ip/linux/impl_pyroute2.py.

Published: August 28, 2019; 05:15:10 PM -04:00
V3.0: 9.1 CRITICAL
    V2: 6.4 MEDIUM