The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2020-14360 | A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Dec 2, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-25712 | A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Dec 2, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-27815 | A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | MEDIUM | Dec 2, 2020 | 10.18.44.22 (Wind River Linux LTS 18) |
CVE-2020-15257 | containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified that the connecting process had an effective UID of 0, but did not otherwise restrict access to the abstract Unix domain socket. This would allow malicious containers running in the same network namespace as the shim, with an effective UID of 0 but otherwise reduced privileges, to cause new processes to be run with elevated privileges. This vulnerability has been fixed in containerd 1.3.9 and 1.4.3. Users should update to these versions as soon as they are released. It should be noted that containers started with an old version of containerd-shim should be stopped and restarted, as running containers will continue to be vulnerable even after an upgrade. If you are not providing the ability for untrusted users to start containers in the same network namespace as the shim (typically the host network namespace, for example with docker run --net=host or hostNetwork: true in a Kubernetes pod) and run with an effective UID of 0, you are not vulnerable to this issue. If you are running containers with a vulnerable configuration, you can deny access to all abstract sockets with AppArmor by adding a line similar to deny unix addr=@**, to your policy. It is best practice to run containers with a reduced set of privileges, with a non-zero UID, and with isolated namespaces. The containerd maintainers strongly advise against sharing namespaces with the host. Reducing the set of isolation mechanisms used for a container necessarily increases that container's privilege, regardless of what container runtime is used for running that container. | LOW | Dec 1, 2020 | 10.18.44.22 (Wind River Linux LTS 18) |
CVE-2020-29371 | An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. | LOW | Nov 28, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-29370 | An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. | MEDIUM | Nov 28, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-29368 | An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1. | MEDIUM | Nov 28, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-29374 | An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58. | MEDIUM | Nov 28, 2020 | 10.18.44.23 (Wind River Linux LTS 18) |
CVE-2019-20934 | An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c. | LOW | Nov 28, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-29129 | ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | MEDIUM | Nov 27, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-29130 | slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | MEDIUM | Nov 27, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-25669 | A vulnerability was found in the Linux kernel where the function sunkbd_reinit has been scheduled by sunkbd_interrupt before sunkbd is freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit, causing a use-after-free. | HIGH | Nov 26, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-27777 | A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel. | HIGH | Nov 26, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-15437 | The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer, which is uninitialized. | MEDIUM | Nov 23, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-15436 | Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. | HIGH | Nov 23, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-28974 | A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height. | MEDIUM | Nov 20, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-4788 | IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296. | LOW | Nov 20, 2020 | 10.18.44.22 (Wind River Linux LTS 18) |
CVE-2020-25672 | A memory leak vulnerability was found in the Linux kernel in llcp_sock_connect. | MEDIUM | Nov 19, 2020 | 10.18.44.24 (Wind River Linux LTS 18) |
CVE-2020-25670 | A vulnerability was found in the Linux kernel where a refcount leak in llcp_sock_bind() causes a use-after-free, which might lead to privilege escalation. | HIGH | Nov 19, 2020 | 10.18.44.23 (Wind River Linux LTS 18) |
CVE-2020-25673 | A vulnerability was found in the Linux kernel where a non-blocking socket in llcp_sock_connect() leads to a leak and eventually hangs the system. | MEDIUM | Nov 19, 2020 | 10.18.44.24 (Wind River Linux LTS 18) |
CVE-2020-28941 | An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once. | MEDIUM | Nov 19, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-25671 | A vulnerability was found in the Linux kernel where a refcount leak in llcp_sock_connect() causes a use-after-free, which might lead to privilege escalation. | HIGH | Nov 19, 2020 | 10.18.44.23 (Wind River Linux LTS 18) |
CVE-2020-28915 | A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. | MEDIUM | Nov 18, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-25705 | A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization is indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version | MEDIUM | Nov 17, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-25695 | A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Nov 16, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-25696 | A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Nov 16, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-28367 | Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive. | MEDIUM | Nov 16, 2020 | 10.18.44.22 (Wind River Linux LTS 18) |
CVE-2020-25694 | A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Nov 16, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-28366 | Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file. | MEDIUM | Nov 16, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-8694 | Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | LOW | Nov 12, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-25668 | A flaw was found in the Linux kernel because access to the global variable fg_console is not properly synchronized, leading to a use-after-free in con_font_op. | MEDIUM | Nov 12, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-25654 | An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration. | HIGH | Nov 12, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-25704 | A memory leak flaw was found in the Linux kernel performance monitoring subsystem when using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources, causing denial of service. | MEDIUM | Nov 12, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-25659 | python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext. | MEDIUM | Nov 12, 2020 | 10.18.44.22 (Wind River Linux LTS 18) |
CVE-2020-0452 | In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0. Android ID: A-159625731 | HIGH | Nov 10, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-27618 | The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. | LOW | Nov 10, 2020 | 10.18.44.22 (Wind River Linux LTS 18) |
CVE-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. | MEDIUM | Nov 9, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-15999 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | MEDIUM | Nov 7, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-27617 | eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. | MEDIUM | Nov 6, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-8037 | The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. | MEDIUM | Nov 4, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-25656 | A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality. | LOW | Nov 3, 2020 | 10.18.44.22 (Wind River Linux LTS 18) |
CVE-2020-14318 | A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. | MEDIUM | Nov 2, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-14383 | A flaw was found in samba's DNS server. An authenticated user could use this flaw to cause the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non-administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not. | MEDIUM | Nov 2, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-14323 | A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service. | LOW | Oct 29, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-27673 | An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271. | MEDIUM | Oct 23, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2018-18508 | In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service. | MEDIUM | Oct 23, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-27675 | An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5. | MEDIUM | Oct 23, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-27619 | In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. | HIGH | Oct 22, 2020 | 10.18.44.21 (Wind River Linux LTS 18) |
CVE-2020-25648 | A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58. | MEDIUM | Oct 22, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |
CVE-2020-12351 | Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | MEDIUM | Oct 20, 2020 | 10.18.44.20 (Wind River Linux LTS 18) |