New issue
Advanced search Search tips
ListGrid
Loading...
  ID Type  Status  Priority  Milestone  Owner  Summary + Labels ...
  88 ---- Fixed ---- ---- cevans@google.com Linux kernel stack overflow when mounting ISO9660 image, including via a USB stick CCProjectZeroMembers  
  89 ---- Fixed ---- ---- hawkes@google.com Linux kernel hid-logitech-dj.c device_index arbitrary kfree CCProjectZeroMembers  
  90 ---- Fixed ---- ---- hawkes@google.com Linux kernel hid-logitech-dj.c logi_dj_ll_raw_request heap overflow CCProjectZeroMembers  
  91 ---- Fixed ---- ---- hawkes@google.com Linux kernel HID report fixup multiple off-by-one issues CCProjectZeroMembers  
  98 ---- Fixed ---- ---- forshaw@google.com Linux Kernel Buffer Overflow in Whiteheat USB Serial Driver CCProjectZeroMembers  
  100 ---- Fixed ---- ---- scvitti@google.com Magic Mouse HID device driver overflow CCProjectZeroMembers  
  101 ---- Fixed ---- ---- scvitti@google.com PicoLCD HID device driver pool overflow CCProjectZeroMembers  
  405 ---- Fixed ---- ---- taviso@google.com Linux: fuse privilege escalation CCProjectZeroMembers  
  411 ---- Fixed ---- ---- cevans@google.com Linux: privilege escalations via crash analysis frameworks (apport, abrt) CCProjectZeroMembers  
  412 ---- Fixed ---- ---- cevans@google.com Linux: NetworkManager authorization problem with modem config files and arbitrary file read CCProjectZeroMembers  
  413 ---- Fixed ---- ---- cevans@google.com Linux: missing authentication check in usb-creator leads to local privilege escalation CCProjectZeroMembers  
  540 ---- Invalid ---- ---- markbrand@google.com Linux: kernel read-write in __ARM_NR_cmpxchg CCProjectZeroMembers  
  735 ---- Fixed ---- ---- hawkes@google.com Linux io_submit L2TP sendmsg integer overflow CCProjectZeroMembers  
  758 ---- Fixed ---- ---- hawkes@google.com Linux netfilter IPT_SO_SET_REPLACE memory corruption CCProjectZeroMembers  
  807 ---- Fixed ---- ---- jannh@google.com Linux: perf_event_open() can race with execve() CCProjectZeroMembers  
  808 ---- Fixed ---- ---- jannh@google.com Linux: UAF via double-fdput() in bpf(BPF_PROG_LOAD) error path CCProjectZeroMembers  
  809 ---- Fixed ---- ---- jannh@google.com Linux: reference count overflow using BPF maps CCProjectZeroMembers  
  812 ---- Fixed ---- ---- markbrand@google.com Reference count leak in apparmor securityfs aa_fs_seq_hash_show CCProjectZeroMembers  
  822 ---- Fixed ---- ---- jannh@google.com Linux: arbitrary memory read on arm/arm64 via perf_event_open() CCProjectZeroMembers  
  836 ---- Fixed ---- ---- jannh@google.com Linux: Stack overflow via ecryptfs and /proc/$pid/environ CCProjectZeroMembers  
  854 ---- Fixed ---- ---- jannh@google.com Linux: SELinux W+X protection bypass via AIO CCProjectZeroMembers  
  1251 ---- Fixed ---- ---- jannh@google.com Linux: eBPF verifier log leaks lower half of map pointer CCProjectZeroMembers  
  1431 ---- Fixed ---- ---- jannh@google.com Linux: mincore() discloses uninitialized kernel heap pages CCProjectZeroMembers