The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
Max CVSS
4.6
Published
2019-03-21
Updated
2019-09-03
EPSS
0.16%
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
Max CVSS
7.8
Published
2019-03-21
Updated
2023-04-11
EPSS
0.04%
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
Max CVSS
7.8
Published
2019-03-21
Updated
2020-10-15
EPSS
0.09%
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
Max CVSS
5.5
Published
2019-03-21
Updated
2023-02-28
EPSS
0.06%
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.
Max CVSS
5.5
Published
2019-03-21
Updated
2020-08-24
EPSS
0.05%
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!