The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2020-24977 | GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. | HIGH | Sep 4, 2020 | 10.17.41.23 (Wind River Linux LTS 17) |
| CVE-2020-14364 | An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice \'setup_len\' exceeds its \'data_buf[4096]\' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. | HIGH | Sep 4, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-24978 | In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7. | HIGH | Sep 4, 2020 | 10.17.41.23 (Wind River Linux LTS 17) |
| CVE-2019-17006 | In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow. | HIGH | Aug 31, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-14331 | A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Aug 20, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-14352 | A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in system compromise via the overwriting of critical system files. The highest threat from this flaw is to users that make use of untrusted third-party repositories. | HIGH | Aug 30, 2020 | 10.17.41.23 (Wind River Linux LTS 17) |
| CVE-2020-15862 | Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. | HIGH | Aug 20, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-14356 | A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. | HIGH | Aug 21, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-1472 | An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications. | HIGH | Aug 18, 2020 | 10.17.41.23 (Wind River Linux LTS 17) |
| CVE-2020-15861 | Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following. | HIGH | Aug 20, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-24330 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed. | HIGH | Aug 14, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-24331 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon). | HIGH | Aug 14, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-15863 | hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555. | HIGH | Jul 29, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-15888 | Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free. | HIGH | Jul 24, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-10745 | A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulnerability is to system availability. | HIGH | Jul 7, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-15358 | In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. | HIGH | Jun 27, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-14155 | libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. | HIGH | Jun 19, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2020-13974 | An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case. | HIGH | Jun 9, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2020-13776 | systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082. | HIGH | Jun 4, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2020-13401 | An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service. | HIGH | Jun 2, 2020 | 10.17.41.24 (Wind River Linux LTS 17) |
| CVE-2020-12695 | The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. | HIGH | Jun 8, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-13630 | ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | HIGH | May 27, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2019-20807 | In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). | HIGH | May 28, 2020 | 10.17.41.27 (Wind River Linux LTS 17) |
| CVE-2020-12767 | exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. | HIGH | May 9, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2020-12654 | An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591. | HIGH | May 5, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2020-12464 | usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. | HIGH | Apr 29, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2019-20636 | In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. | HIGH | Apr 9, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2020-1934 | In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. | HIGH | Apr 1, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2020-6096 | An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the \'num\' parameter results in a signed comparison vulnerability. If an attacker underflows the \'num\' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data. | HIGH | Apr 2, 2020 | 10.17.41.22 (Wind River Linux LTS 17) |
| CVE-2020-9402 | Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL. | HIGH | Mar 10, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2020-10188 | utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. | HIGH | Mar 6, 2020 | 10.17.41.26 (Wind River Linux LTS 17) |
| CVE-2020-9366 | A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact. | HIGH | Feb 25, 2020 | 10.17.41.20 (Wind River Linux LTS 17) |
| CVE-2019-1349 | A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka \'Git for Visual Studio Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. | HIGH | Jan 28, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2019-1350 | A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka \'Git for Visual Studio Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. | HIGH | Jan 28, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2019-1352 | A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka \'Git for Visual Studio Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. | HIGH | Jan 28, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2019-1353 | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as WSL) while accessing a working directory on a regular Windows drive, none of the NTFS protections were active. | HIGH | Feb 5, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. | HIGH | Feb 6, 2020 | 10.17.41.20 (Wind River Linux LTS 17) |
| CVE-2020-7471 | Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL. | HIGH | Feb 6, 2020 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2020-8432 | In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identified by static analysis. | HIGH | Feb 5, 2020 | 10.17.41.25 (Wind River Linux LTS 17) |
| CVE-2020-8597 | eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. | HIGH | Feb 9, 2020 | 10.17.41.20 (Wind River Linux LTS 17) |
| CVE-2019-9500 | The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. | HIGH | Jan 16, 2020 | 10.17.41.20 (Wind River Linux LTS 17) |
| CVE-2019-9503 | The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. | HIGH | Jan 16, 2020 | 10.17.41.20 (Wind River Linux LTS 17) |
| CVE-2020-7039 | tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. | HIGH | Jan 17, 2020 | 10.17.41.20 (Wind River Linux LTS 17) |
| CVE-2019-19646 | pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. | HIGH | Dec 9, 2019 | 10.17.41.19 (Wind River Linux LTS 17) |
| CVE-2019-18276 | An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support saved UID functionality, the saved UID is not dropped. An attacker with command execution in the shell can use enable -f for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected. | HIGH | Nov 29, 2019 | 10.17.41.19 (Wind River Linux LTS 17) |
| CVE-2019-19604 | Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a git submodule update operation can run commands found in the .gitmodules file of a malicious repository. | HIGH | Dec 13, 2019 | 10.17.41.21 (Wind River Linux LTS 17) |
| CVE-2019-19049 | A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot | HIGH | Nov 19, 2019 | 10.17.41.19 (Wind River Linux LTS 17) |
| CVE-2019-14897 | A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA. | HIGH | Dec 10, 2019 | 10.17.41.20 (Wind River Linux LTS 17) |
| CVE-2019-14895 | A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code. | HIGH | Dec 12, 2019 | 10.17.41.20 (Wind River Linux LTS 17) |
| CVE-2019-19066 | A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd. | HIGH | Nov 27, 2019 | 10.17.41.19 (Wind River Linux LTS 17) |
