Total
7161 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19966 | 4 Debian, Linux, Netapp and 1 more | 13 Debian Linux, Linux Kernel, Active Iq Unified Manager and 10 more | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. | ||||
| CVE-2019-19952 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 9.8 Critical |
| In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. | ||||
| CVE-2019-19950 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Backports and 1 more | 2024-11-21 | 9.8 Critical |
| In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | ||||
| CVE-2019-19813 | 4 Canonical, Debian, Linux and 1 more | 18 Ubuntu Linux, Debian Linux, Linux Kernel and 15 more | 2024-11-21 | 5.5 Medium |
| In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c. | ||||
| CVE-2019-19807 | 3 Canonical, Linux, Redhat | 5 Ubuntu Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 7.8 High |
| In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring. | ||||
| CVE-2019-19770 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 8.2 High |
| In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace | ||||
| CVE-2019-19769 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | 6.7 Medium |
| In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h). | ||||
| CVE-2019-19768 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Enterprise Mrg and 5 more | 2024-11-21 | 7.5 High |
| In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer). | ||||
| CVE-2019-19767 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2024-11-21 | 5.5 Medium |
| The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163. | ||||
| CVE-2019-19590 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.8 High |
| In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted input. | ||||
| CVE-2019-19543 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 7.8 High |
| In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c. | ||||
| CVE-2019-19531 | 3 Debian, Linux, Opensuse | 3 Debian Linux, Linux Kernel, Leap | 2024-11-21 | 6.8 Medium |
| In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca. | ||||
| CVE-2019-19530 | 4 Debian, Linux, Opensuse and 1 more | 5 Debian Linux, Linux Kernel, Leap and 2 more | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef. | ||||
| CVE-2019-19529 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 6.3 Medium |
| In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41. | ||||
| CVE-2019-19528 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 6.1 Medium |
| In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. | ||||
| CVE-2019-19527 | 4 Debian, Linux, Opensuse and 1 more | 6 Debian Linux, Linux Kernel, Leap and 3 more | 2024-11-21 | 6.8 Medium |
| In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e. | ||||
| CVE-2019-19526 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098. | ||||
| CVE-2019-19525 | 3 Debian, Linux, Opensuse | 3 Debian Linux, Linux Kernel, Leap | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035. | ||||
| CVE-2019-19524 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9. | ||||
| CVE-2019-19523 | 4 Debian, Linux, Opensuse and 1 more | 5 Debian Linux, Linux Kernel, Leap and 2 more | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79. | ||||