Vulnerabilities > Linux > Linux Kernel > 4.14.188
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-16 | CVE-2020-10781 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. | 5.5 |
| 2020-09-16 | CVE-2020-10768 | Unspecified vulnerability in Linux Kernel A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. | 5.5 |
| 2020-09-15 | CVE-2020-10767 | Unspecified vulnerability in Linux Kernel A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). | 5.5 |
| 2020-09-15 | CVE-2020-10766 | Unspecified vulnerability in Linux Kernel A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. | 5.5 |
| 2020-09-15 | CVE-2020-14385 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. | 5.5 |
| 2020-09-15 | CVE-2020-14331 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. | 6.6 |
| 2020-09-09 | CVE-2020-25211 | Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. | 6.0 |
| 2020-08-19 | CVE-2020-14356 | NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. | 7.8 |
| 2020-08-19 | CVE-2020-24394 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. | 7.1 |
| 2020-07-30 | CVE-2020-16166 | Use of Insufficiently Random Values vulnerability in multiple products The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. | 3.7 |