linux-hardened

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description The Security-Hardened Linux kernel and modules
Version 5.12.19.hardened1-1 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-2234 5.12.19.hardened1-1 Medium Vulnerable
AVG-1881 5.12.19.hardened1-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-37159 AVG-2234 Medium No Arbitrary code execution
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel before version 5.13.6 calls unregister_netdev without checking for the NETREG_REGISTERED...
CVE-2021-31615 AVG-1881 Low Yes Denial of service
Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet...
CVE-2021-3640 AVG-1881 Medium No Arbitrary code execution
A use after free vulnerability has been found in sco_send_frame() in the Bluetooth stack of the Linux kernel, similar to CVE-2021-3573. A local attacker...
CVE-2021-3542 AVG-1881 Medium No Privilege escalation
A heap-based buffer overflow security issue was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw...
CVE-2020-26560 AVG-1881 Medium Yes Authentication bypass
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a...
CVE-2020-26559 AVG-1881 Medium Yes Private key recovery
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify...
CVE-2020-26557 AVG-1881 Medium Yes Private key recovery
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning...
CVE-2020-26556 AVG-1881 Medium Yes Private key recovery
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an...
CVE-2020-26555 AVG-1881 Medium Yes Authentication bypass
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2228 5.12.17.hardened1-1 5.12.18.hardened1-1 Medium Fixed
AVG-2183 5.12.18.hardened1-1 5.12.19.hardened1-1 High Fixed
AVG-2163 5.11.14.hardened1-1 5.11.15.hardened1-1 High Fixed
AVG-2121 5.12.13.hardened1-1 5.12.14.hardened1-1 Medium Fixed
AVG-2096 5.12.12.hardened1-1 5.12.13.hardened1-1 Medium Fixed
AVG-2065 5.12.9.hardened1-1 5.12.10.hardened1-1 Medium Fixed
AVG-2033 5.12.7.hardened1-1 5.12.9.hardened1-1 Medium Fixed
AVG-1960 5.11.20.hardened1-2 5.11.21.hardened1-1 Medium Fixed
AVG-1954 5.11.19.hardened1-1 5.11.20.hardened1-1 Medium Fixed
AVG-1931 5.11.18.hardened1-1 5.11.19.hardened1-1 Medium Fixed
AVG-1852 5.11.15.hardened1-1 5.11.16.hardened1-1 Medium Fixed
AVG-1797 5.11.11.hardened1-1 5.11.13.hardened1-1 Medium Fixed
AVG-1784 5.11.22.hardened1-1 5.12.6.hardened1-1 Low Fixed
AVG-1748 5.11.10.hardened1-1 5.11.11.hardened1-1 Medium Fixed
AVG-1725 5.11.8.hardened1-1 Medium Not affected
AVG-1717 5.11.8.hardened1-1 5.11.9.hardened1-1 Medium Fixed
AVG-1712 5.11.7.hardened1-1 5.11.8.hardened1-1 Medium Fixed
AVG-1694 5.11.6.hardened1-1 Medium Not affected
AVG-1687 5.11.6.hardened1-1 5.11.7.hardened1-1 High Fixed
AVG-1645 5.10.19.hardened1-1 5.10.21.hardened1-1 Medium Fixed
AVG-1613 5.10.17.hardened1-1 5.10.18.hardened1-1 Medium Fixed
AVG-1559 5.10.14.hardened1-1 Medium Not affected
AVG-1557 5.9.16.a-1 5.10.a-1 Medium Not affected
AVG-1513 5.10.12.hardened1-1 5.10.13.hardened1-1 Medium Fixed
AVG-1507 5.10.11.hardened1-1 5.10.12.hardened1-1 Medium Fixed
AVG-1467 5.10.9.a-1 5.10.10.hardened1-1 Low Fixed
AVG-1443 5.10.6.a-1 5.10.7.a-1 Medium Fixed
AVG-1410 5.10.5.a-2 5.10.6.a-1 High Fixed
AVG-1269 5.9.7.a-1 5.9.8.a-1 Medium Fixed
AVG-1251 5.8.14.a-1 5.8.16.a-1 High Fixed
AVG-1245 5.9.8.a-1 5.9.9.a-1 High Fixed FS#68257
AVG-1237 5.7.19.a-1 5.8.a-1 High Fixed
AVG-1120 5.5.13.a-1 5.5.13.b-1 High Fixed
AVG-1063 5.3.7.a-1 5.3.7.b-1 Critical Fixed
AVG-986 5.1.10.a-1 5.1.11.a-1 High Fixed
AVG-958 5.0.11.a-1 5.0.12.a-1 High Fixed
AVG-762 4.18.1.a-1 4.19.4.a-1 High Fixed
AVG-750 4.17.10.a-1 4.17.11.a-1 High Fixed
AVG-703 4.16.9.a-1 4.17a-1 High Fixed
AVG-574 4.14.7.a-1 4.14.11.a-1 High Fixed FS#56832
AVG-573 4.14.11.a-1 4.16.5.a-1 Medium Fixed
AVG-568 4.13.11-1 4.14-1 High Fixed
AVG-564 4.14.5-1 4.14.6-1 Medium Fixed
AVG-558 4.14.11.a-1 4.15.1.1-1 High Fixed
AVG-555 4.11.7-1 4.13-1 Medium Fixed
AVG-511 4.13.7.a-1 4.13.8.a-1 High Fixed
AVG-446 4.13.6.a-1 4.13.7.a-1 High Fixed
AVG-430 4.13.4.a-1 4.13.5.a-1 Medium Fixed
AVG-395 4.13.1.a-1 4.13.1.b-1 High Fixed FS#55602
AVG-321 4.11.6.d-1 4.15.15.a-1 Medium Fixed
AVG-320 4.11.6.b-1 Medium Not affected
AVG-317 4.11.6.b-1 High Not affected
AVG-314 4.11.6.b-1 4.11.6.d-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-35039 AVG-2121 Medium No Certificate verification bypass
kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a...
CVE-2021-34693 AVG-2096 Medium No Information disclosure
net/can/bcm.c in the Linux kernel before 5.12.13 allows local users to obtain sensitive information from kernel stack memory because parts of a data...
CVE-2021-33909 AVG-2183 High No Privilege escalation
An privilege escalation security issue has been found in the filesystem layer of the Linux kernel before version 5.13.4. An unprivileged local attacker can...
CVE-2021-33624 AVG-2096 Medium No Information disclosure
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged...
CVE-2021-33200 AVG-2033 Medium No Privilege escalation
kernel/bpf/verifier.c in the Linux kernel before 5.12.8 enforces incorrect limits for pointer arithmetic operations, aka CID- bb01a1bba579. This can be...
CVE-2021-33034 AVG-1960 Medium No Arbitrary code execution
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing...
CVE-2021-32606 AVG-2033 Medium No Privilege escalation
In the Linux kernel since 5.11 before 5.12.9, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This...
CVE-2021-32399 AVG-1960 Medium No Arbitrary code execution
net/bluetooth/hci_request.c in the Linux kernel before version 5.12.4 has a race condition for removal of the HCI controller.
CVE-2021-31829 AVG-1931 Medium No Information disclosure
kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel...
CVE-2021-31440 AVG-1960 Medium No Privilege escalation
This vulnerability allows local attackers to escalate privileges on affected installations of the Linux kernel before version 5.12.4. An attacker must first...
CVE-2021-30178 AVG-1784 Low No Denial of service
An issue was discovered in the Linux kernel. synic_get in arch/x86/kvm/hyperv.c has a NULL pointer dereference for certain accesses to the SynIC Hyper-V...
CVE-2021-29657 AVG-1797 Medium No Privilege escalation
A security issue has been found in the Linux kernel before version 5.11.12. There is a race condition between check and use of the nested VMCB controls in KVM.
CVE-2021-29650 AVG-1748 Low Yes Denial of service
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because...
CVE-2021-29649 AVG-1748 Medium No Information disclosure
An issue was discovered in the Linux kernel before 5.11.11. The user mode driver (UMD) has a copy_process() memory leak, related to a lack of cleanup steps...
CVE-2021-29648 AVG-1748 Low No Denial of service
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are...
CVE-2021-29647 AVG-1748 Medium Yes Information disclosure
An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel...
CVE-2021-29646 AVG-1748 Medium Yes Insufficient validation
An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka...
CVE-2021-29266 AVG-1717 Medium No Denial of service
An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon...
CVE-2021-29265 AVG-1687 Low No Denial of service
An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service...
CVE-2021-29264 AVG-1748 Medium Yes Denial of service
An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows...
CVE-2021-29155 AVG-1852 Medium No Information disclosure
An issue has been discovered in the Linux kernel before version 5.11.16 in the mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation)....
CVE-2021-29154 AVG-1797 Medium No Privilege escalation
An issue has been discovered in the Linux kernel up to version 5.11.12 that can be abused by unprivileged local users to escalate privileges. The issue is...
CVE-2021-28972 AVG-1717 Medium No Arbitrary code execution
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a...
CVE-2021-28971 AVG-1717 Low No Denial of service
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as...
CVE-2021-28964 AVG-1717 Low No Denial of service
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service...
CVE-2021-28952 AVG-1717 Medium No Arbitrary code execution
An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected...
CVE-2021-28951 AVG-1717 Low No Denial of service
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be...
CVE-2021-28950 AVG-1712 Low No Denial of service
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same...
CVE-2021-28688 AVG-1748 Low No Denial of service
A security issue was found in the Linux kernel before version 5.11.11, as used by Xen. The fix for CVE-2021-26930, a.k.a. XSA-365, includes initialization...
CVE-2021-28660 AVG-1687 High Yes Arbitrary code execution
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array....
CVE-2021-28375 AVG-1687 Medium No Insufficient validation
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from...
CVE-2021-28038 AVG-1645 Low No Denial of service
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors...
CVE-2021-27365 AVG-1645 Medium No Information disclosure
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can...
CVE-2021-27364 AVG-1645 Medium No Insufficient validation
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user...
CVE-2021-27363 AVG-1645 Medium No Information disclosure
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure....
CVE-2021-26932 AVG-1613 Low No Denial of service
An issue was discovered in the Linux kernel 3.2 up to 5.10.17, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of...
CVE-2021-26931 AVG-1613 Low No Denial of service
An issue was discovered in the Linux kernel 2.6.39 up to 5.10.17, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug,...
CVE-2021-26930 AVG-1613 Medium No Privilege escalation
An issue was discovered in the Linux kernel 3.11 up to 5.10.17, as used by Xen. To service requests to the PV backend, the driver maps grant references...
CVE-2021-26708 AVG-1513 Medium No Privilege escalation
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong...
CVE-2021-23134 AVG-1960 Medium No Privilege escalation
A use after free security issue has been found in the Linux kernel before version 5.12.4 in the implementation of nfc sockets (in net/nfc/llcp_sock.c),...
CVE-2021-23133 AVG-1960 Medium No Privilege escalation
A race condition was found in the Linux kernel before version 5.12.4 in sctp_destroy_sock. If sctp_destroy_sock is called without...
CVE-2021-22555 AVG-2163 High No Privilege escalation
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause...
CVE-2021-22543 AVG-2121 Medium No Privilege escalation
An issue was discovered in the Linux KVM· through Improper handling of VM_IO|VM_PFNMAP, vmas in KVM can bypass RO checks and can lead to pages being freed...
CVE-2021-20292 AVG-1725 Medium No Privilege escalation
A security issue was found in the Linux kernel before version 5.9. The specific flaw exists within DRM memory management. The issue results from the lack of...
CVE-2021-20226 AVG-1557 Medium No Privilege escalation
An inappropriate handling of descriptors that results in a use-after- free vulnerability was found on the Linux kernel before version 5.10.
CVE-2021-20194 AVG-1559 Medium No Privilege escalation
There is a vulnerability in the Linux kernel versions higher than 5.2 and before version 5.11 (if the kernel is compiled with config params...
CVE-2021-3655 AVG-2228 Medium Yes Information disclosure
A vulnerability was found in the Linux kernel. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.
CVE-2021-3612 AVG-2183 Medium No Privilege escalation
An out-of-bounds memory write security issue was found in the Linux kernel’s joystick devices subsystem before version 5.13.2, in the way the user calls...
CVE-2021-3609 AVG-2183 Medium No Privilege escalation
A race condition in net/can/bcm.c in the Linux kernel before version 5.13.2 allows for local privilege escalation to root. The CAN BCM networking protocol...
CVE-2021-3587 AVG-2065 Low No Denial of service
There is a null pointer dereference in llcp_sock_getname in net/nfc/llcp_sock.c of the Linux kernel. An unprivileged user can trigger this bug and cause...
CVE-2021-3573 AVG-2065 Medium No Arbitrary code execution
A use after free vulnerability has been found in the hci_sock_bound_ioctl() function of the Linux kernel. It can allow attackers to corrupt kernel heaps...
CVE-2021-3564 AVG-2065 Medium No Arbitrary code execution
A security issue has been found in Bluetooth subsystem of the Linux kernel. HCI device initialization failure can lead to unexpected results, like...
CVE-2021-3543 AVG-1954 Medium No Privilege escalation
A null pointer dereference in the Nitro Enclaves Linux kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor....
CVE-2021-3506 AVG-1954 Medium No Information disclosure
An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel. A bounds check failure allows a local attacker...
CVE-2021-3501 AVG-1852 Medium No Arbitrary code execution
A security issue was found in the Linux kernel before version 5.11.16. The value of internal.ndata, in the KVM API, is mapped to an array index, which can...
CVE-2021-3491 AVG-1960 Medium No Arbitrary code execution
A security issue was found in the Linux kernel before version 5.12.4. It was discovered that the io_uring PROVIDE_BUFFERS operation allowed the MAX_RW_COUNT...
CVE-2021-3490 AVG-1960 Medium No Arbitrary code execution
A security issue was found in the Linux kernel before version 5.12.4. It was discovered that eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR)...
CVE-2021-3489 AVG-1960 Medium No Arbitrary code execution
A security issue was found in the Linux kernel before version 5.12.4. It was discovered that eBPF RINGBUF bpf_ringbuf_reserve did not check that the...
CVE-2021-3483 AVG-1797 Medium No Arbitrary code execution
A security issue has been found in the Linux kernel before version 5.11.12 in Linux/drivers/firewire/nosy.c. Nosy is an IEEE 1394 packet sniffer which is...
CVE-2021-3428 AVG-1694 Medium No Denial of service
A security issue was found in the Linux kernel before version 5.9. A denial of service problem is identified if an extent tree is corrupted in a crafted...
CVE-2021-3348 AVG-1513 Medium No Arbitrary code execution
nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers...
CVE-2021-3347 AVG-1507 Medium No Arbitrary code execution
An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to...
CVE-2021-3178 AVG-1467 Low Yes Directory traversal
fs/nfsd/nfs3xdr.c in the Linux kernel before version 5.10.10 and 5.4.92, when there is an NFS export of a subdirectory of a filesystem, allows remote...
CVE-2020-36158 AVG-1410 High Yes Arbitrary code execution
mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel might allow remote attackers to execute arbitrary code...
CVE-2020-28374 AVG-1443 Medium No Directory traversal
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote...
CVE-2020-27171 AVG-1712 Medium No Information disclosure
A numeric error in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation) has been identified. Unprivileged BPF...
CVE-2020-27170 AVG-1712 Medium No Information disclosure
A gap in the Linux kernel mechanism to mitigate speculatively out-of- bounds loads (Spectre mitigation) has been identified. Unprivileged BPF programs...
CVE-2020-26147 AVG-2033 Medium Yes Insufficient validation
An issue was discovered in the Linux kernel before version 5.12.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of...
CVE-2020-26145 AVG-2033 Medium Yes Insufficient validation
An issue was discovered in the Linux kernel before version 5.12.9. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast...
CVE-2020-26141 AVG-2033 Medium Yes Insufficient validation
An issue was discovered in the Linux kernel before version 5.12.9. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of...
CVE-2020-26139 AVG-2033 Medium Yes Insufficient validation
An issue was discovered in the Linux kernel before version 5.12.9. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has...
CVE-2020-25704 AVG-1269 Medium No Denial of service
A memory leak has been found in the perf_event_parse_addr_filter function of Linux before 5.9.7, leading to a denial of service.
CVE-2020-25639 AVG-1645 Low No Denial of service
A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to versions 5.11.3 and 5.10.20 in the way...
CVE-2020-24588 AVG-2033 Medium Yes Insufficient validation
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in...
CVE-2020-24587 AVG-2033 Medium Yes Information disclosure
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a...
CVE-2020-24586 AVG-2033 Medium Yes Information disclosure
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments...
CVE-2020-24490 AVG-1251 Medium Yes Denial of service
A heap buffer overflow flaw was found in the way the Linux kernel’s Bluetooth implementation processed extended advertising report events. This flaw allows...
CVE-2020-16119 AVG-1245 High Yes Arbitrary code execution
Hadar Manor reported that by reusing a DCCP socket with an attached dccps_hc_tx_ccid as a listener,  in Linux <= 5.9, it will be used after being released,...
CVE-2020-14386 AVG-1237 High No Privilege escalation
A memory corruption flaw was found in the Linux kernel before 5.9-rc4 in net/packet/af_packet.c. A local attacker with CAP_NET_RAW privileges can exploit...
CVE-2020-12352 AVG-1251 High Yes Information disclosure
An information leak flaw was found in the way the Linux kernel's Bluetooth stack implementation handled initialization of stack memory when handling certain...
CVE-2020-12351 AVG-1251 High Yes Privilege escalation
A flaw was found in the way the Linux kernel Bluetooth implementation handled L2CAP packets with A2MP CID. A remote attacker in adjacent range could use...
CVE-2020-8835 AVG-1120 High No Privilege escalation
An out-of-bounds access flaw was found in the Linux kernel’s implementation of the eBPF code verifier, where an incorrect register bounds calculation while...
CVE-2020-8694 AVG-1269 Medium No Information disclosure
An information disclosure flaw was found in the Linux kernel's Intel Running Average Power Limit (RAPL) implementation. A local non- privileged attacker...
CVE-2019-17666 AVG-1063 Critical Yes Arbitrary code execution
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel before 5.3.9, 4.19.82, 4.14.152, 4.9.199, 4.4.199 lacks a certain...
CVE-2019-11683 AVG-958 High Yes Arbitrary code execution
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x through 5.0.11 allows remote attackers to cause a denial of service...
CVE-2019-11479 AVG-986 Medium Yes Denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size...
CVE-2019-11478 AVG-986 High Yes Denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments....
CVE-2019-11477 AVG-986 High Yes Denial of service
An integer overflow has been discovered in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A sequence of SACKs may be crafted such...
CVE-2018-8897 AVG-703 High No Denial of service
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of...
CVE-2018-5391 AVG-762 High Yes Denial of service
A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this...
CVE-2018-5390 AVG-750 High Yes Denial of service
A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time...
CVE-2018-1121 AVG-703 Low No Content spoofing
A security issue has been found in Linux <= 4.16.9, where an unprivileged attacker can hide a process from procps-ng's utilities by exploiting either a...
CVE-2018-1120 AVG-703 Medium No Denial of service
A denial of service has been found in Linux <= 4.16.9. An attacker can block any read() access to /proc/PID/cmdline by mmap()ing a FUSE file (Filesystem in...
CVE-2017-1000407 AVG-564 Medium Yes Denial of service
Linux kernel Virtualization Module (CONFIG_KVM) for the Intel processor family (CONFIG_KVM_INTEL) before 4.14.6, 4.9.69, 4.4.106, 3.18.88, 3.16.52 and...
CVE-2017-1000379 AVG-320 Medium No Access restriction bypass
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing...
CVE-2017-1000377 AVG-317 High Yes Arbitrary code execution
An issue was discovered in the size of the default stack guard page on PAX Linux (originally from GRSecurity but shipped by other Linux vendors),...
CVE-2017-1000371 AVG-320 Medium No Access restriction bypass
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated...
CVE-2017-1000370 AVG-320 Medium No Access restriction bypass
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental...
CVE-2017-1000365 AVG-321 Medium No Insufficient validation
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does...
CVE-2017-1000364 AVG-314 High No Privilege escalation
A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions...
CVE-2017-1000251 AVG-395 High Yes Arbitrary code execution
A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client....
CVE-2017-17864 AVG-574 Medium No Information disclosure
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 and 4.9.73 mishandles states_equal comparisons between the pointer data...
CVE-2017-17863 AVG-574 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 and 4.9.72 does not check the relationship between pointer values and...
CVE-2017-17862 AVG-574 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 and 4.9.72 ignore unreachable code, even though it would still be...
CVE-2017-17857 AVG-574 Medium No Denial of service
The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory...
CVE-2017-17856 AVG-574 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or...
CVE-2017-17855 AVG-574 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or...
CVE-2017-17854 AVG-574 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (integer overflow and...
CVE-2017-17853 AVG-574 Medium No Denial of service
It has been discovered kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or...
CVE-2017-17852 AVG-574 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or...
CVE-2017-17807 AVG-564 Low No Access restriction bypass
The KEYS subsystem in the Linux kernel before 4.14.6, 4.9.69, 4.4.107, 3.18.88, 3.16.52 and 3.2.97 omitted an access-control check when adding a key to the...
CVE-2017-17806 AVG-574 Medium No Denial of service
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate that the...
CVE-2017-17805 AVG-574 Medium No Denial of service
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle zero-length...
CVE-2017-17741 AVG-574 Medium No Information disclosure
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio...
CVE-2017-17712 AVG-574 High No Privilege escalation
A flaw was found in the Linux kernel's implementation of raw_sendmsg before 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic the kernel or...
CVE-2017-17558 AVG-574 High No Denial of service
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel before 4.14.8, 4.9.71, 4.4.107, 3.18.89,...
CVE-2017-17450 AVG-574 High No Access restriction bypass
It has been discovered that net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and...
CVE-2017-17449 AVG-574 Medium No Information disclosure
The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52 when...
CVE-2017-17448 AVG-574 High No Access restriction bypass
It has been discovered that net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new,...
CVE-2017-16996 AVG-574 High No Privilege escalation
An arbitrary memory r/w access issue was found in the Linux kernel before 4.14.9 compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL) support. The...
CVE-2017-16995 AVG-574 High No Privilege escalation
An arbitrary memory r/w access issue was found in the Linux kernel before 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL)...
CVE-2017-16650 AVG-568 Medium No Denial of service
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero...
CVE-2017-16649 AVG-568 Medium No Denial of service
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service...
CVE-2017-16648 AVG-568 High No Privilege escalation
The dvb_frontend_free function in drivers/media/dvb- core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service...
CVE-2017-16647 AVG-568 Medium No Denial of service
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system...
CVE-2017-16646 AVG-568 Medium No Denial of service
drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or...
CVE-2017-16645 AVG-568 Medium No Denial of service
The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims- pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service...
CVE-2017-16644 AVG-573 Medium No Denial of service
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service...
CVE-2017-16643 AVG-568 Medium No Denial of service
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service...
CVE-2017-15265 AVG-511 High No Privilege escalation
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have...
CVE-2017-14954 AVG-430 Medium No Information disclosure
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users...
CVE-2017-9986 AVG-555 Medium No Denial of service
The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel before 4.13, 4.9.50, 4.4.99 and 4.1.45 allows local users to cause a denial of service...
CVE-2017-9985 AVG-555 Medium No Denial of service
The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel before 4.13, 4.9.50, 4.4.99 and 4.1.45 allows local users to cause a...
CVE-2017-9984 AVG-555 Medium No Denial of service
The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel before 4.13, 4.9.50, 4.4.99 and 4.1.45 allows local users to cause a...
CVE-2017-8824 AVG-574 High No Privilege escalation
A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. The dccp_disconnect function in net/dccp/proto.c...
CVE-2017-5754 AVG-574 High No Access restriction bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used...
CVE-2017-5753 AVG-558 High Yes Access restriction bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used...
CVE-2017-5715 AVG-558 High No Access restriction bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used...
CVE-2017-5123 AVG-446 High No Privilege escalation
It was discovered that when the waitid() syscall in Linux kernel v4.13 was refactored, it accidentally stopped checking that the incoming argument was...

Advisories

Date Advisory Group Severity Type
21 Jul 2021 ASA-202107-50 AVG-2183 High privilege escalation
20 Jan 2021 ASA-202101-32 AVG-1443 Medium directory traversal
10 Nov 2020 ASA-202011-10 AVG-1269 Medium multiple issues
18 Oct 2020 ASA-202010-9 AVG-1251 High multiple issues
01 Apr 2020 ASA-202004-2 AVG-1120 High privilege escalation
07 Nov 2019 ASA-201911-9 AVG-1063 Critical arbitrary code execution
17 Jun 2019 ASA-201906-12 AVG-986 High denial of service
08 Aug 2018 ASA-201808-7 AVG-750 High denial of service
05 Jan 2018 ASA-201801-4 AVG-574 High multiple issues
16 Oct 2017 ASA-201710-25 AVG-446 High privilege escalation
13 Sep 2017 ASA-201709-4 AVG-395 High arbitrary code execution
22 Jun 2017 ASA-201706-28 AVG-314 High privilege escalation