Vulnerabilities > Canonical > Ubuntu Linux > 18.04

DATE CVE VULNERABILITY TITLE RISK
2019-11-20 CVE-2019-3466 Improper Privilege Management vulnerability in multiple products
The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
local
low complexity
postgresql canonical debian CWE-269
7.2
2019-11-19 CVE-2019-19126 Improper Initialization vulnerability in multiple products
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
local
low complexity
gnu canonical fedoraproject debian CWE-665
3.3
2019-11-18 CVE-2019-19083 Memory Leak vulnerability in multiple products
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption).
4.7
2019-11-18 CVE-2019-19082 Memory Leak vulnerability in multiple products
Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption).
4.7
2019-11-18 CVE-2019-19079 Memory Leak vulnerability in multiple products
A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19.
network
low complexity
linux canonical CWE-401
7.5
2019-11-18 CVE-2019-19078 Memory Leak vulnerability in multiple products
A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.
network
low complexity
linux canonical CWE-401
7.5
2019-11-18 CVE-2019-19077 Memory Leak vulnerability in multiple products
A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.
local
low complexity
linux canonical opensuse CWE-401
4.9
2019-11-18 CVE-2019-19076 Memory Leak vulnerability in multiple products
A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9.
network
high complexity
linux canonical redhat CWE-401
5.9
2019-11-18 CVE-2019-19075 Memory Leak vulnerability in multiple products
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.
network
low complexity
linux canonical CWE-401
7.5
2019-11-18 CVE-2019-19074 Memory Leak vulnerability in multiple products
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
network
low complexity
linux debian canonical CWE-401
7.5