| CVE-2020-9383 |
AVG-1108 |
High |
No |
Authentication bypass |
An issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC... |
| CVE-2020-8835 |
AVG-1122 |
High |
No |
Privilege escalation |
An out-of-bounds access flaw was found in the Linux kernel’s implementation of the eBPF code verifier, where an incorrect register bounds calculation while... |
| CVE-2020-2732 |
AVG-1108 |
High |
No |
Information disclosure |
An issue has been found in KVM before 5.5.7, where vmx_check_intercept ws is not yet fully implemented on Intel processors, causing e.g. the I/O or MSR... |
| CVE-2019-17666 |
AVG-1064 |
Critical |
Yes |
Arbitrary code execution |
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel before 5.3.9, 4.19.82, 4.14.152, 4.9.199, 4.4.199 lacks a certain... |
| CVE-2019-12881 |
AVG-996 |
High |
No |
Denial of service |
i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of... |
| CVE-2019-11683 |
AVG-955 |
High |
Yes |
Arbitrary code execution |
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x through 5.0.11 allows remote attackers to cause a denial of service... |
| CVE-2019-11479 |
AVG-983 |
Medium |
Yes |
Denial of service |
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size... |
| CVE-2019-11478 |
AVG-983 |
High |
Yes |
Denial of service |
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments.... |
| CVE-2019-11477 |
AVG-983 |
High |
Yes |
Denial of service |
An integer overflow has been discovered in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A sequence of SACKs may be crafted such... |
| CVE-2019-8912 |
AVG-989 |
Critical |
Yes |
Arbitrary code execution |
In the Linux kernel through 4.20.10, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a... |
| CVE-2019-7222 |
AVG-850 |
Medium |
No |
Information disclosure |
An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON,... |
| CVE-2019-7221 |
AVG-850 |
Critical |
No |
Privilege escalation |
A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1)... |
| CVE-2019-6974 |
AVG-850 |
High |
No |
Arbitrary code execution |
A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via... |
| CVE-2019-5489 |
AVG-842 |
High |
Yes |
Information disclosure |
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other... |
| CVE-2019-3460 |
AVG-988 |
Medium |
Yes |
Information disclosure |
In the function l2cap_get_conf_opt (l2cap_core.c), which is used to parse configuration elements during an L2cap connection negotiation process. In this... |
| CVE-2019-3459 |
AVG-988 |
Medium |
Yes |
Information disclosure |
In the functions l2cap_parse_conf_rsp, l2cap_parse_conf_req (l2cap_core.c), and other locations, there is a while loop which is used to parse configuration... |
| CVE-2018-18445 |
AVG-784 |
Low |
No |
Denial of service |
In the Linux kernel 4.14.x before 4.14.75 and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out- of-bounds memory... |
| CVE-2018-17182 |
AVG-771 |
High |
No |
Privilege escalation |
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An... |
| CVE-2018-8897 |
AVG-701 |
High |
No |
Denial of service |
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of... |
| CVE-2018-5391 |
AVG-760 |
High |
Yes |
Denial of service |
A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this... |
| CVE-2018-5390 |
AVG-747 |
High |
Yes |
Denial of service |
A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time... |
| CVE-2018-3646 |
AVG-756 |
High |
No |
Information disclosure |
Systems with microprocessors utilising speculative execution and address translations may allow unauthorised disclosure of information residing in the L1... |
| CVE-2018-3620 |
AVG-756 |
High |
No |
Information disclosure |
Systems with microprocessors utilising speculative execution and address translations may allow unauthorised disclosure of information residing in the L1... |
| CVE-2018-3615 |
AVG-756 |
High |
No |
Information disclosure |
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of... |
| CVE-2018-1121 |
AVG-701 |
Low |
No |
Content spoofing |
A security issue has been found in Linux <= 4.16.9, where an unprivileged attacker can hide a process from procps-ng's utilities by exploiting either a... |
| CVE-2018-1120 |
AVG-701 |
Medium |
No |
Denial of service |
A denial of service has been found in Linux <= 4.16.9. An attacker can block any read() access to /proc/PID/cmdline by mmap()ing a FUSE file (Filesystem in... |
| CVE-2017-1000407 |
AVG-562 |
Medium |
Yes |
Denial of service |
Linux kernel Virtualization Module (CONFIG_KVM) for the Intel processor family (CONFIG_KVM_INTEL) before 4.14.6, 4.9.69, 4.4.106, 3.18.88, 3.16.52 and... |
| CVE-2017-1000379 |
AVG-323 |
Medium |
No |
Access restriction bypass |
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing... |
| CVE-2017-1000365 |
AVG-323 |
Medium |
No |
Insufficient validation |
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does... |
| CVE-2017-1000364 |
AVG-313 |
High |
No |
Privilege escalation |
A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions... |
| CVE-2017-1000251 |
AVG-392 |
High |
Yes |
Arbitrary code execution |
A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client.... |
| CVE-2017-1000112 |
AVG-434 |
High |
No |
Arbitrary code execution |
Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to... |
| CVE-2017-1000111 |
AVG-434 |
High |
No |
Arbitrary code execution |
heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes... |
| CVE-2017-17864 |
AVG-552 |
Medium |
No |
Information disclosure |
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 and 4.9.73 mishandles states_equal comparisons between the pointer data... |
| CVE-2017-17863 |
AVG-552 |
Medium |
No |
Denial of service |
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 and 4.9.72 does not check the relationship between pointer values and... |
| CVE-2017-17862 |
AVG-552 |
Medium |
No |
Denial of service |
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 and 4.9.72 ignore unreachable code, even though it would still be... |
| CVE-2017-17857 |
AVG-552 |
Medium |
No |
Denial of service |
The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory... |
| CVE-2017-17856 |
AVG-552 |
Medium |
No |
Denial of service |
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or... |
| CVE-2017-17855 |
AVG-552 |
Medium |
No |
Denial of service |
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or... |
| CVE-2017-17854 |
AVG-552 |
Medium |
No |
Denial of service |
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (integer overflow and... |
| CVE-2017-17853 |
AVG-552 |
Medium |
No |
Denial of service |
It has been discovered kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or... |
| CVE-2017-17852 |
AVG-552 |
Medium |
No |
Denial of service |
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or... |
| CVE-2017-17807 |
AVG-562 |
Low |
No |
Access restriction bypass |
The KEYS subsystem in the Linux kernel before 4.14.6, 4.9.69, 4.4.107, 3.18.88, 3.16.52 and 3.2.97 omitted an access-control check when adding a key to the... |
| CVE-2017-17806 |
AVG-552 |
Medium |
No |
Denial of service |
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate that the... |
| CVE-2017-17805 |
AVG-552 |
Medium |
No |
Denial of service |
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle zero-length... |
| CVE-2017-17741 |
AVG-567 |
Medium |
No |
Information disclosure |
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio... |
| CVE-2017-17712 |
AVG-552 |
High |
No |
Privilege escalation |
A flaw was found in the Linux kernel's implementation of raw_sendmsg before 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic the kernel or... |
| CVE-2017-17558 |
AVG-552 |
High |
No |
Denial of service |
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel before 4.14.8, 4.9.71, 4.4.107, 3.18.89,... |
| CVE-2017-17450 |
AVG-567 |
High |
No |
Access restriction bypass |
It has been discovered that net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and... |
| CVE-2017-17449 |
AVG-552 |
Medium |
No |
Information disclosure |
The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52 when... |
| CVE-2017-17448 |
AVG-567 |
High |
No |
Access restriction bypass |
It has been discovered that net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new,... |
| CVE-2017-16996 |
AVG-552 |
High |
No |
Privilege escalation |
An arbitrary memory r/w access issue was found in the Linux kernel before 4.14.9 compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL) support. The... |
| CVE-2017-16995 |
AVG-552 |
High |
No |
Privilege escalation |
An arbitrary memory r/w access issue was found in the Linux kernel before 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL)... |
| CVE-2017-16650 |
AVG-484 |
Medium |
No |
Denial of service |
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero... |
| CVE-2017-16649 |
AVG-484 |
Medium |
No |
Denial of service |
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service... |
| CVE-2017-16648 |
AVG-484 |
High |
No |
Privilege escalation |
The dvb_frontend_free function in drivers/media/dvb- core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service... |
| CVE-2017-16647 |
AVG-484 |
Medium |
No |
Denial of service |
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system... |
| CVE-2017-16646 |
AVG-484 |
Medium |
No |
Denial of service |
drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or... |
| CVE-2017-16645 |
AVG-484 |
Medium |
No |
Denial of service |
The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims- pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service... |
| CVE-2017-16644 |
AVG-567 |
Medium |
No |
Denial of service |
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service... |
| CVE-2017-16643 |
AVG-484 |
Medium |
No |
Denial of service |
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service... |
| CVE-2017-16538 |
AVG-483 |
Medium |
No |
Denial of service |
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and... |
| CVE-2017-16537 |
AVG-483 |
Medium |
No |
Denial of service |
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer... |
| CVE-2017-16536 |
AVG-483 |
Medium |
No |
Denial of service |
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx- cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of... |
| CVE-2017-16535 |
AVG-483 |
Medium |
No |
Denial of service |
The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service... |
| CVE-2017-16534 |
AVG-483 |
Medium |
No |
Denial of service |
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service... |
| CVE-2017-16533 |
AVG-483 |
Medium |
No |
Denial of service |
The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds... |
| CVE-2017-16532 |
AVG-483 |
Medium |
No |
Denial of service |
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer... |
| CVE-2017-16531 |
AVG-483 |
Medium |
No |
Denial of service |
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or... |
| CVE-2017-16530 |
AVG-483 |
Medium |
No |
Denial of service |
The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have... |
| CVE-2017-16529 |
AVG-483 |
Medium |
No |
Denial of service |
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds... |
| CVE-2017-16528 |
AVG-483 |
High |
No |
Privilege escalation |
sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use- after-free and... |
| CVE-2017-16527 |
AVG-483 |
High |
No |
Privilege escalation |
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system... |
| CVE-2017-16526 |
AVG-483 |
Medium |
No |
Denial of service |
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly... |
| CVE-2017-16525 |
AVG-483 |
High |
No |
Privilege escalation |
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service... |
| CVE-2017-15265 |
AVG-508 |
High |
No |
Privilege escalation |
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have... |
| CVE-2017-15115 |
AVG-483 |
High |
No |
Privilege escalation |
It was found that in Linux kernel before 4.14 when peeling off an association to the socket in another network namespace, all transports in this association... |
| CVE-2017-14954 |
AVG-428 |
Medium |
No |
Information disclosure |
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users... |
| CVE-2017-14497 |
AVG-553 |
Medium |
No |
Denial of service |
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial... |
| CVE-2017-12154 |
AVG-417 |
High |
No |
Access restriction bypass |
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0... |
| CVE-2017-9986 |
AVG-331 |
Medium |
No |
Denial of service |
The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel before 4.13, 4.9.50, 4.4.99 and 4.1.45 allows local users to cause a denial of service... |
| CVE-2017-9985 |
AVG-331 |
Medium |
No |
Denial of service |
The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel before 4.13, 4.9.50, 4.4.99 and 4.1.45 allows local users to cause a... |
| CVE-2017-9984 |
AVG-331 |
Medium |
No |
Denial of service |
The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel before 4.13, 4.9.50, 4.4.99 and 4.1.45 allows local users to cause a... |
| CVE-2017-8824 |
AVG-552 |
High |
No |
Privilege escalation |
A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. The dccp_disconnect function in net/dccp/proto.c... |
| CVE-2017-7374 |
AVG-232 |
High |
No |
Privilege escalation |
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or... |
| CVE-2017-7184 |
AVG-228 |
Medium |
No |
Privilege escalation |
A local privilege escalation vulnerability has been found in the Linux kernel. Chaitin Security Research Lab discovered that xfrm_replay_verify_len(), as... |
| CVE-2017-6074 |
AVG-178 |
High |
No |
Privilege escalation |
A use-after-free vulnerability has been discovered in the DCCP implementation in the Linux kernel. The dccp_rcv_state_process function in net/dccp/input.c... |
| CVE-2017-6001 |
AVG-187 |
High |
No |
Privilege escalation |
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes... |
| CVE-2017-5986 |
AVG-178 |
Medium |
No |
Denial of service |
It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUG_ON in sctp_wait_for_sndbuf if the socket tx buffer... |
| CVE-2017-5754 |
AVG-552 |
High |
No |
Access restriction bypass |
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used... |
| CVE-2017-5753 |
AVG-987 |
High |
Yes |
Access restriction bypass |
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used... |
| CVE-2017-5715 |
AVG-987 |
High |
No |
Access restriction bypass |
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used... |
| CVE-2017-5123 |
AVG-444 |
High |
No |
Privilege escalation |
It was discovered that when the waitid() syscall in Linux kernel v4.13 was refactored, it accidentally stopped checking that the incoming argument was... |
| CVE-2017-2636 |
AVG-192 |
High |
No |
Privilege escalation |
A race condition flaw was found in the N_HLDC Linux kernel driver when accessing the n_hdlc.tbuf list that can lead to double free. A local, unprivileged... |
| CVE-2017-2583 |
AVG-149 |
Medium |
No |
Privilege escalation |
The Linux kernel > 3.6-rc1, when built with Kernel-based Virtual Machine (CONFIG_KVM) support, is vulnerable to an incorrect segment selector (SS) value... |
| CVE-2016-10229 |
AVG-240 |
Critical |
Yes |
Arbitrary code execution |
A security has been in found in udp.c in the Linux kernel before 4.5, which allows remote attackers to execute arbitrary code via UDP traffic that triggers... |
| CVE-2016-10088 |
AVG-178 |
High |
No |
Privilege escalation |
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which... |
| CVE-2016-9919 |
AVG-101 |
High |
Yes |
Denial of service |
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers... |
| CVE-2016-9588 |
AVG-178 |
Medium |
No |
Denial of service |
Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to an uncaught... |
| CVE-2016-8655 |
AVG-95 |
High |
No |
Privilege escalation |
A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem... |
| CVE-2016-5195 |
AVG-48 |
High |
No |
Privilege escalation |
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read- only memory mappings. An... |