Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2019-20811 vulnerabilities and exploits

(subscribe to this query)
5.6
CVSSv2
CVE-2020-11668
In the Linux kernel prior to 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
Linux Linux Kernel
4.3
CVSSv2
CVE-2020-12654
An issue was found in Linux kernel prior to 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
Linux Linux Kernel
3.6
CVSSv2
CVE-2020-9383
An issue exists in the Linux kernel 3.16 up to and including 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
Linux Linux KernelDebian Debian Linux 8.0Debian Debian Linux 9.0Opensuse Leap 15.1Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 19.10Canonical Ubuntu Linux 16.04Netapp Cloud Backup -Netapp Steelstore Cloud Integrated Storage -Netapp Data Availability Services -Netapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp Solidfire Baseboard Management Controller Firmware -Netapp H410c Firmware -
2.1
CVSSv2
CVE-2020-11494
An issue exists in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 up to and including 5.6.2. It allows malicious users to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT...
Linux Linux KernelOpensuse Leap 15.1Debian Debian Linux 8.0Debian Debian Linux 9.0Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 19.10Canonical Ubuntu Linux 16.04
3.6
CVSSv2
CVE-2020-11565
An issue exists in the Linux kernel up to and including 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that ...
Linux Linux KernelCanonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 20.04
3.6
CVSSv2
CVE-2020-8648
There is a use-after-free vulnerability in the Linux kernel up to and including 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
Linux Linux KernelDebian Debian Linux 8.0Opensuse Leap 15.1Netapp Cloud Backup -Netapp Active Iq Unified Manager -Netapp Solidfire Baseboard Management Controller -Broadcom Brocade Fabric Operating System Firmware -Netapp Hci Baseboard Management Controller H410cCanonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04
3.6
CVSSv2
CVE-2020-8428
fs/namei.c in the Linux kernel prior to 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for ...
Linux Linux Kernel
5.4
CVSSv2
CVE-2020-10942
In the Linux kernel prior to 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow malicious users to trigger kernel stack corruption via crafted system calls.
Linux Linux KernelOpensuse Leap 15.1Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 19.10
2.3
CVSSv2
CVE-2020-2732
A flaw exists in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.
Redhat Enterprise Linux 7.0Redhat Enterprise Linux 8.0
7.2
CVSSv2
CVE-2020-12464
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel prior to 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
Linux Linux KernelNetapp Cloud Backup -Netapp Steelstore Cloud Integrated Storage -Netapp Hci Storage Nodes -Netapp Aff A700s -Netapp Active Iq Unified Manager -Netapp Hci Compute Node -Netapp Solidfire \\& Hci Storage Node -Netapp Solidfire Baseboard Management Controller -Netapp Hci Baseboard Management Controller H300sNetapp Hci Baseboard Management Controller H500sNetapp Hci Baseboard Management Controller H700sNetapp Hci Baseboard Management Controller H410sNetapp Hci Baseboard Management Controller H410cNetapp Hci Baseboard Management Controller H610cNetapp Hci Baseboard Management Controller H610sNetapp Hci Baseboard Management Controller H615c
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook