Vulnerabilities > Linux > Linux Kernel > 4.14.17

DATE CVE VULNERABILITY TITLE RISK
2020-11-28 CVE-2020-29373 Path Traversal vulnerability in Linux Kernel
An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6.
local
low complexity
linux CWE-22
2.1
2020-11-28 CVE-2020-29372 Race Condition vulnerability in multiple products
An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8.
local
high complexity
linux canonical CWE-362
4.7
2020-11-28 CVE-2020-29371 Use of Uninitialized Resource vulnerability in Linux Kernel
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4.
local
low complexity
linux CWE-908
2.1
2020-11-28 CVE-2020-29370 Race Condition vulnerability in multiple products
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11.
local
high complexity
linux netapp CWE-362
7.0
2020-11-28 CVE-2020-29368 Race Condition vulnerability in multiple products
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5.
local
high complexity
linux netapp CWE-362
7.0
2020-11-23 CVE-2020-15437 NULL Pointer Dereference vulnerability in Linux Kernel
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.
local
low complexity
linux CWE-476
4.9
2020-11-23 CVE-2020-15436 Use After Free vulnerability in multiple products
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
local
low complexity
linux broadcom netapp CWE-416
6.7
2020-11-23 CVE-2020-12351 Improper Input Validation vulnerability in Linux Kernel
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
low complexity
linux CWE-20
8.8
2020-11-20 CVE-2020-28974 Out-of-bounds Read vulnerability in multiple products
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095.
local
low complexity
linux debian CWE-125
6.1
2020-11-19 CVE-2020-28941 Release of Invalid Pointer or Reference vulnerability in multiple products
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9.
local
low complexity
linux fedoraproject debian CWE-763
5.5