Vulnerabilities > Linux > Linux Kernel > 4.14.223

DATE CVE VULNERABILITY TITLE RISK
2019-12-22 CVE-2019-19922 Resource Exhaustion vulnerability in multiple products
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1.
local
low complexity
linux debian canonical oracle netapp CWE-400
5.5
5.5
2019-12-12 CVE-2019-19770 Use After Free vulnerability in Linux Kernel
In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file).
network
low complexity
linux CWE-416
8.2
8.2
2019-12-12 CVE-2019-19769 Use After Free vulnerability in multiple products
In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).
local
low complexity
linux fedoraproject CWE-416
6.7
6.7
2019-12-03 CVE-2019-19531 Use After Free vulnerability in multiple products
In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.
low complexity
linux debian opensuse CWE-416
6.8
6.8
2019-12-03 CVE-2019-19530 Use After Free vulnerability in multiple products
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.
low complexity
linux debian opensuse CWE-416
4.6
4.6
2019-12-03 CVE-2019-19526 Use After Free vulnerability in multiple products
In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
low complexity
linux canonical opensuse CWE-416
4.6
4.6
2019-12-03 CVE-2019-19525 Use After Free vulnerability in multiple products
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
low complexity
linux debian opensuse CWE-416
4.6
4.6
2019-12-03 CVE-2019-19524 Use After Free vulnerability in multiple products
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
low complexity
linux debian canonical CWE-416
4.6
4.6
2019-12-03 CVE-2019-19523 Use After Free vulnerability in multiple products
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
low complexity
linux debian opensuse CWE-416
4.6
4.6
2019-11-29 CVE-2019-19377 Use After Free vulnerability in multiple products
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
local
low complexity
linux netapp CWE-416
7.8
7.8