Linux Kernel CVE Statistics
80 Linux Kernel CVEs in November 2019
Full month · Source: NIST NVD
In November 2019, 80 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 7 were rated Critical, 31 were rated High severity and 41 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. November's 80 CVEs represent 26% of all 2019 Linux kernel CVEs , up from October's 12 (a 567% month-over-month increase) .
80
Total CVEs
7
Critical
31
High
41
Medium
1
Low
0
KEV Exploited
All CVEs — November 2019
80 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2019-14901 | linux | Critical | 9.8 | 2019-11-29 | A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip dr… | |
| CVE-2019-14895 | linux | Critical | 9.8 | 2019-11-29 | A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell… | |
| CVE-2019-14897 | linux | Critical | 9.8 | 2019-11-29 | A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An att… | |
| CVE-2019-14896 | linux | Critical | 9.8 | 2019-11-27 | A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip d… | |
| CVE-2019-18805 | linux | Critical | 9.8 | 2019-11-07 | An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.… | |
| CVE-2019-18814 | linux | Critical | 9.8 | 2019-11-07 | An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_… | |
| CVE-2014-3180 | linux | Critical | 9.1 | 2019-11-06 | In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible… | |
| CVE-2019-10220 | linux | High | 8.8 | 2019-11-27 | Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | |
| CVE-2019-19377 | linux | High | 7.8 | 2019-11-29 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can l… | |
| CVE-2019-19378 | linux | High | 7.8 | 2019-11-29 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in in… | |
| CVE-2019-19252 | linux | High | 7.8 | 2019-11-25 | vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu device… | |
| CVE-2019-18675 | linux | High | 7.8 | 2019-11-25 | The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpi… | |
| CVE-2019-14815 | linux | High | 7.8 | 2019-11-25 | A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marv… | |
| CVE-2010-4661 | linux | High | 7.8 | 2019-11-13 | udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. | |
| CVE-2013-4367 | linux | High | 7.8 | 2019-11-01 | ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel … |