Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linux linux kernel 4.15 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-10207
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x prior to 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function ...
Linux Linux Kernel
1 Github repository
4.6
CVSSv2
CVE-2019-15117
parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel up to and including 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.
Linux Linux Kernel
7.1
CVSSv2
CVE-2019-17075
An issue exists in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel up to and including 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an malicious user to trigger a Denial of Service, ex...
Linux Linux Kernel
2.1
CVSSv2
CVE-2019-17054
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel up to and including 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
Linux Linux Kernel
2.1
CVSSv2
CVE-2019-17056
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel up to and including 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
Linux Linux Kernel
4.4
CVSSv2
CVE-2019-13233
In arch/x86/lib/insn-eval.c in the Linux kernel prior to 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
Linux Linux Kernel
4.9
CVSSv2
CVE-2019-15291
An issue exists in the Linux kernel up to and including 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
Linux Linux Kernel
5.6
CVSSv2
CVE-2020-11668
In the Linux kernel prior to 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
Linux Linux Kernel
3.6
CVSSv2
CVE-2020-8428
fs/namei.c in the Linux kernel prior to 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for ...
Linux Linux Kernel
4.3
CVSSv2
CVE-2019-19767
The Linux kernel prior to 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163.
Linux Linux Kernel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »