Vulnerabilities > Linux > Linux Kernel > 4.0

DATE CVE VULNERABILITY TITLE RISK
2020-11-17 CVE-2020-25705 Use of Insufficiently Random Values vulnerability in multiple products
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports.
network
linux redhat CWE-330
5.8
2020-11-06 CVE-2020-27152 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2.
local
low complexity
linux CWE-835
2.1
2020-10-22 CVE-2020-27675 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x.
local
high complexity
linux fedoraproject debian CWE-416
4.7
2020-10-22 CVE-2020-27673 An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x.
local
low complexity
linux debian opensuse xen
5.5
2020-10-16 CVE-2020-27194 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.8.15.
local
low complexity
linux CWE-119
2.1
2020-10-13 CVE-2020-25645 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.9-rc7.
network
low complexity
linux debian netapp opensuse canonical CWE-319
5.0
2020-10-06 CVE-2020-25643 Improper Input Validation vulnerability in multiple products
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7.
7.2
2020-10-06 CVE-2020-25641 Infinite Loop vulnerability in multiple products
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7.
local
low complexity
linux redhat opensuse debian canonical CWE-835
5.5
2020-10-02 CVE-2020-26541 Unspecified vulnerability in Linux Kernel
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism.
local
linux
6.9
2020-09-24 CVE-2020-26088 Incorrect Default Permissions vulnerability in multiple products
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
local
low complexity
linux debian opensuse canonical CWE-276
2.1