Wind River Support Network

CVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Total: 1855 entries
ID | Description | Priority | Modified date | Fixed Release
CVE-2020-8286 libcurl offers "OCSP stapling" via the CURLOPT_SSL_VERIFYSTATUS option. When set, libcurl verifies the OCSP response that a server responds with as part of the TLS handshake. It then aborts the TLS negotiation if something is wrong with the response. The same feature can be enabled with --cert-status using the curl tool. As part of the OCSP response verification, a client should verify that the response is indeed set out for the correct certificate. This step was not performed by libcurl when built or told to use OpenSSL as TLS backend. MEDIUM Dec 10, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-25692 A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. MEDIUM Dec 8, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-29573 sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. MEDIUM Dec 7, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-27786 A flaw was found in the Linux kernel's implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to MIDI devices could trigger a use-after-free. A write to this specific memory while freed and before use could cause the flow of execution to change and possibly allow for memory corruption or privilege escalation. HIGH Dec 7, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-28916 hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. LOW Dec 4, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-29562 The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. MEDIUM Dec 4, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-14351 A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. MEDIUM Dec 3, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14381 A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. MEDIUM Dec 3, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25624 hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. MEDIUM Dec 3, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14360 A flaw was found in X.Org Server. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. MEDIUM Dec 2, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25712 A flaw was found in X.Org Server. A heap buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. MEDIUM Dec 2, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-27815 A flaw was found in the Linux kernel's implementation of extended attributes while working on a journaled filesystem MEDIUM Dec 2, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-29371 An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. LOW Nov 28, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-29370 An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. MEDIUM Nov 28, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-29368 An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1. MEDIUM Nov 28, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2019-20934 An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c. LOW Nov 28, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-29129 ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. MEDIUM Nov 27, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-29130 slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. MEDIUM Nov 27, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25669 kernel: use-after-free read in sunkbd_reinit in drivers/input/keyboard/sunkbd.c HIGH Nov 26, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-27777 The Linux kernel for powerpc has an issue with the Run-Time Abstraction Services (RTAS) interface, allowing root (or CAP_SYS_ADMIN users) in a VM to overwrite some parts of memory, including kernel memory. HIGH Nov 26, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-15437 The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer, which is uninitialized. MEDIUM Nov 23, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-15436 Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. HIGH Nov 23, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-28974 A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height. MEDIUM Nov 20, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25670 A vulnerability was found in the Linux kernel, where a refcount leak in llcp_sock_bind() causes a use-after-free, which might lead to privilege escalation. HIGH Nov 19, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-25671 A vulnerability was found in the Linux kernel, where a refcount leak in llcp_sock_connect() causes a use-after-free, which might lead to privilege escalation. HIGH Nov 19, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-28915 A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. MEDIUM Nov 18, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25705 A flaw was found in the way the Linux kernel limits ICMP reply packets, which allows open UDP ports to be scanned quickly. This flaw allows an off-path remote user to effectively bypass source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization is indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue. MEDIUM Nov 17, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25695 Multiple features escape "security restricted operation" sandbox MEDIUM Nov 16, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25696 psql's \gset allows overwriting specially treated variables HIGH Nov 16, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-28367 cmd/go: improper validation of cgo flags can lead to remote code execution at build time MEDIUM Nov 16, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-25694 Reconnection can downgrade connection security settings MEDIUM Nov 16, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-8694 Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. LOW Nov 12, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25668 A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. MEDIUM Nov 12, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25654 An acl bypass flaw was found in pacemaker. When ACLs are not in use, any user in the haclient group has full access to the configuration, which effectively gives them the ability to run any code as root. HIGH Nov 12, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25704 There is a memory leak in perf_event_parse_addr_filter. MEDIUM Nov 12, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25659 python-cryptography is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext. MEDIUM Nov 12, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-0452 Modify an arguments size check and decrease so that the likelihood of the compiler removing it as part of optimizations is low. The arguments check must always be triggered to avoid potential buffer overflows. HIGH Nov 10, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-27618 The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service. LOW Nov 10, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-28196 MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. MEDIUM Nov 9, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-15999 Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. MEDIUM Nov 7, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-27617 eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. MEDIUM Nov 6, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-8037 The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. MEDIUM Nov 4, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25656 A flaw was found in the Linux kernel, where a race in KDGKBSENT and KDSKBSENT leads to a use-after-free read in vt_do_kdgkb_ioctl. LOW Nov 3, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-14318 The SMB1/2/3 protocols have a concept of "ChangeNotify", where a client can request file name notification on a directory handle when a condition such as "new file creation" or "file size change" or "file timestamp update" occurs. MEDIUM Nov 2, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14383 Some DNS records (such as MX and NS records) usually contain data in the additional section. Samba's dnsserver RPC pipe (which is an administrative interface not used in the DNS server itself) made an error in handling the case where there are no records present: instead of noticing the lack of records, it dereferenced uninitialised memory, causing the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay. MEDIUM Nov 2, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14323 A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service. LOW Oct 29, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2018-18508 In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service. MEDIUM Oct 23, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-27619 In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. HIGH Oct 22, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-12351 A flaw was found in the way the Linux kernel Bluetooth implementation handled L2CAP packets with A2MP CID. A remote attacker in adjacent range could use this flaw to crash the system causing denial of service or potentially execute arbitrary code on the system by sending a specially crafted L2CAP packet. MEDIUM Oct 20, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25645 A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality. MEDIUM Oct 20, 2020 10.17.41.23 (Wind River Linux LTS 17)
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version.