Vulnerabilities > Linux > Linux Kernel > 4.19.116
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-24 | CVE-2020-10942 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. | 5.4 |
2020-02-25 | CVE-2020-9383 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. | 7.1 |
2020-02-14 | CVE-2020-8992 | Excessive Iteration vulnerability in multiple products ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. | 4.9 |
2020-02-06 | CVE-2020-8649 | Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. | 3.6 |
2020-02-06 | CVE-2020-8648 | Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | 3.6 |
2020-02-06 | CVE-2020-8647 | Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. | 3.6 |
2020-01-31 | CVE-2019-3016 | Race Condition vulnerability in Linux Kernel In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. | 4.7 |
2020-01-29 | CVE-2020-8428 | Use After Free vulnerability in Linux Kernel fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. | 3.6 |
2020-01-27 | CVE-2019-20422 | Improper Handling of Exceptional Conditions vulnerability in Linux Kernel In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db. | 2.1 |
2020-01-16 | CVE-2019-18282 | Use of Insufficiently Random Values vulnerability in multiple products The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. | 5.0 |