Product:

Linux_kernel

(Linux)
Date Id Summary Products Score Patch Annotated
2019-01-29 CVE-2018-16880 A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable. Ubuntu_linux, Linux_kernel 7.0
2022-08-24 CVE-2021-4204 An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. Debian_linux, Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Enterprise_linux 7.1
2019-11-25 CVE-2019-14815 A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. Linux_kernel, Altavault, Baseboard_management_controller, Hci, Solidfire, Solidfire_baseboard_management_controller_firmware, Steelstore, Codeready_linux_builder_eus, Codeready_linux_builder_for_power_little_endian_eus, Enterprise_linux, Enterprise_linux_for_ibm_z_systems_\(Structure_a\), Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server_aus, Enterprise_linux_server_tus 7.8
2019-09-20 CVE-2019-14816 There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, A220_firmware, A320_firmware, A700s_firmware, A800_firmware, C190_firmware, Data_availability_services, Fas2720_firmware, Fas2750_firmware, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Service_processor, Solidfire, Steelstore_cloud_integrated_storage, Leap, Enterprise_linux, Enterprise_linux_compute_node_eus, Enterprise_linux_eus, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_tus, Messaging_realtime_grid, Virtualization 7.8
2022-08-26 CVE-2021-3669 A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. Debian_linux, Fedora, Spectrum_copy_data_management, Spectrum_protect_plus, Linux_kernel, Build_of_quarkus, Codeready_linux_builder, Developer_tools, Enterprise_linux, Enterprise_linux_aus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Openshift_container_platform, Virtualization_host 5.5
2023-06-28 CVE-2023-3439 A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev->addrs object, potentially leading to a denial of service. Linux_kernel 4.7
2023-03-02 CVE-2023-1118 A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Linux_kernel 7.8
2023-03-29 CVE-2023-1652 A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem. Linux_kernel, Enterprise_linux 7.1
2023-04-14 CVE-2023-2008 A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Linux_kernel 7.8
2023-06-28 CVE-2023-3357 A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system. Linux_kernel 5.5