Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linux linux kernel 5.4 vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2020-25284
The rbd block device driver in drivers/block/rbd.c in the Linux kernel up to and including 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local malicious users to map or unmap rbd block devices, aka CID-f44d04e696fe.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 15.1
2.1
CVSSv2
CVE-2022-32296
The Linux kernel prior to 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
Linux Linux Kernel
1 Github repository
NA
CVE-2023-2163
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
Linux Linux Kernel
1 Github repository
2.1
CVSSv2
CVE-2021-38208
net/nfc/llcp_sock.c in the Linux kernel prior to 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
Linux Linux Kernel
4.7
CVSSv2
CVE-2021-33624
In kernel/bpf/verifier.c in the Linux kernel prior to 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
Linux Linux Kernel
Debian Debian Linux 9.0
1 Github repository
NA
CVE-2023-4194
A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the followin...
Linux Linux Kernel 6.5
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
5.4
CVSSv2
CVE-2019-19602
fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel prior to 5.4.2, when GCC 9 is used, allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_ow...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
2.1
CVSSv2
CVE-2021-28688
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of clean...
Linux Linux Kernel
Debian Debian Linux 9.0
NA
CVE-2023-6931
A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We...
Linux Linux Kernel
Debian Debian Linux 10.0
NA
CVE-2022-41849
drivers/video/fbdev/smscufx.c in the Linux kernel up to and including 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.
Linux Linux Kernel
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »