Vulnerabilities > Linux > Linux Kernel > 3.9.6

DATE CVE VULNERABILITY TITLE RISK
2020-11-28 CVE-2020-29374 Incorrect Authorization vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c.
local
high complexity
linux debian netapp CWE-863
3.6
2020-11-28 CVE-2020-29373 Path Traversal vulnerability in Linux Kernel
An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6.
local
low complexity
linux CWE-22
2.1
2020-11-28 CVE-2020-29372 Race Condition vulnerability in multiple products
An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8.
local
high complexity
linux canonical CWE-362
4.7
2020-11-28 CVE-2020-29371 Use of Uninitialized Resource vulnerability in Linux Kernel
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4.
local
low complexity
linux CWE-908
2.1
2020-11-28 CVE-2020-29370 Race Condition vulnerability in multiple products
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11.
local
high complexity
linux netapp CWE-362
7.0
2020-11-23 CVE-2020-15437 NULL Pointer Dereference vulnerability in Linux Kernel
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.
local
low complexity
linux CWE-476
4.9
2020-11-23 CVE-2020-15436 Use After Free vulnerability in multiple products
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
local
low complexity
linux broadcom netapp CWE-416
6.7
2020-11-20 CVE-2020-28974 Out-of-bounds Read vulnerability in multiple products
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095.
local
low complexity
linux debian CWE-125
6.1
2020-11-19 CVE-2020-28941 Release of Invalid Pointer or Reference vulnerability in multiple products
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9.
local
low complexity
linux fedoraproject debian CWE-763
5.5
2020-11-18 CVE-2020-28915 Out-of-bounds Read vulnerability in Linux Kernel
A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.
local
low complexity
linux CWE-125
6.1