CVE-2019-19770

HIGH Year: 2019
CVSS v3 Score
8.2
High
CVSS v2 Score
6.4
Medium
Weakness Type
CWE-416
View all →

Vulnerability Description

In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace

Related Vulnerabilities

CVE-2020-25632

HIGH
CVSS:8.2(High)

A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leadi...

CWE-4162020

CVE-2020-2758

HIGH
CVSS:8.2(High)

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily explo...

CWE-4162020

CVE-2020-3962

HIGH
CVSS:8.2(High)

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-...

CWE-4162020

CVE-2020-4004

HIGH
CVSS:8.2(High)

VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vu...

CWE-4162020

CVE-2021-3750

HIGH
CVSS:8.2(High)

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted conte...

CWE-4162021