An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges.
Max CVSS
7.8
Published
2018-07-28
Updated
2023-02-24
EPSS
0.04%
arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes.
Max CVSS
7.1
Published
2018-10-07
Updated
2019-04-03
EPSS
0.06%
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
Max CVSS
7.8
Published
2018-12-03
Updated
2019-09-10
EPSS
0.04%
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
Max CVSS
8.1
Published
2019-02-15
Updated
2023-05-16
EPSS
5.50%
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
Max CVSS
7.8
Published
2019-03-21
Updated
2020-10-15
EPSS
0.09%
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
Max CVSS
5.5
Published
2019-03-21
Updated
2023-02-28
EPSS
0.06%
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.
Max CVSS
5.6
Published
2019-02-01
Updated
2019-09-24
EPSS
0.06%
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
Max CVSS
7.8
Published
2019-02-18
Updated
2021-06-02
EPSS
0.07%
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
Max CVSS
7.8
Published
2019-02-21
Updated
2021-06-02
EPSS
5.34%

CVE-2019-9213

Public exploit exists
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
Max CVSS
5.5
Published
2019-03-05
Updated
2022-10-12
EPSS
0.09%
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!