Filtered by vendor Linux
Subscriptions
Total
6998 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-35512 | 2 Freedesktop, Linux | 2 Dbus, Linux Kernel | 2024-08-04 | 7.8 High |
| A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors | ||||
| CVE-2020-35499 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 6.7 Medium |
| A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information. | ||||
| CVE-2020-29660 | 6 Broadcom, Debian, Fedoraproject and 3 more | 18 Fabric Operating System, Debian Linux, Fedora and 15 more | 2024-08-04 | 4.4 Medium |
| A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. | ||||
| CVE-2020-29661 | 7 Broadcom, Debian, Fedoraproject and 4 more | 25 Fabric Operating System, Debian Linux, Fedora and 22 more | 2024-08-04 | 7.8 High |
| A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b. | ||||
| CVE-2020-29569 | 4 Debian, Linux, Netapp and 1 more | 7 Debian Linux, Linux Kernel, Hci Compute Node and 4 more | 2024-08-04 | 8.8 High |
| An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and disconnect. As a consequence, the block backend may re-use a pointer after it was freed. A misbehaving guest can trigger a dom0 crash by continuously connecting / disconnecting a block frontend. Privilege escalation and information leaks cannot be ruled out. This only affects systems with a Linux blkback. | ||||
| CVE-2020-29534 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 7.8 High |
| An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94. | ||||
| CVE-2020-29384 | 3 Advsys, Apple, Linux | 3 Pngout, Macos, Linux Kernel | 2024-08-04 | 5.5 Medium |
| An issue was discovered in PNGOUT 2020-01-15. When compressing a crafted PNG file, it encounters an integer overflow. | ||||
| CVE-2020-29372 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-08-04 | 4.7 Medium |
| An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition between coredump operations and the IORING_OP_MADVISE implementation, aka CID-bc0c4d1e176e. | ||||
| CVE-2020-29374 | 3 Debian, Linux, Netapp | 11 Debian Linux, Linux Kernel, 500f and 8 more | 2024-08-04 | 3.6 Low |
| An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58. | ||||
| CVE-2020-29371 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 3.3 Low |
| An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. | ||||
| CVE-2020-29373 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 6.5 Medium |
| An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d. | ||||
| CVE-2020-29369 | 2 Linux, Netapp | 5 Linux Kernel, Hci Compute Node, Hci Management Node and 2 more | 2024-08-04 | 7.0 High |
| An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe. | ||||
| CVE-2020-29370 | 2 Linux, Netapp | 10 Linux Kernel, Cloud Backup, H410c and 7 more | 2024-08-04 | 7.0 High |
| An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. | ||||
| CVE-2020-29368 | 3 Linux, Netapp, Redhat | 11 Linux Kernel, Cloud Backup, Element Software and 8 more | 2024-08-04 | 7.0 High |
| An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1. | ||||
| CVE-2020-28974 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-08-04 | 5.0 Medium |
| A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height. | ||||
| CVE-2020-28941 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-08-04 | 5.5 Medium |
| An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once. | ||||
| CVE-2020-28915 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhev Hypervisor | 2024-08-04 | 5.8 Medium |
| A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. | ||||
| CVE-2020-28588 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 5.5 Medium |
| An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0) and is still present in v5.10-rc4, so it’s likely that all versions in between are affected. An attacker can read /proc/pid/syscall to trigger this vulnerability, which leads to the kernel leaking memory contents. | ||||
| CVE-2020-28374 | 4 Debian, Fedoraproject, Linux and 1 more | 9 Debian Linux, Fedora, Linux Kernel and 6 more | 2024-08-04 | 8.1 High |
| In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore. | ||||
| CVE-2020-28097 | 2 Linux, Netapp | 18 Linux Kernel, Cloud Backup, H300e and 15 more | 2024-08-04 | 5.9 Medium |
| The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85. | ||||