Vulnerabilities > Linux > Linux Kernel > 4.19.130

DATE CVE VULNERABILITY TITLE RISK
2020-04-12 CVE-2020-11725 Unspecified vulnerability in Linux Kernel
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info->owner field to represent data unrelated to the "owner" concept.
local
low complexity
linux
7.8
2020-04-09 CVE-2020-11668 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
local
low complexity
linux CWE-476
7.1
2020-04-07 CVE-2020-11609 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1.
low complexity
linux canonical CWE-476
4.3
2020-04-07 CVE-2020-11608 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.1.
low complexity
linux canonical CWE-476
4.3
2020-04-06 CVE-2020-11565 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.2.
local
low complexity
linux canonical CWE-787
6.0
2020-04-02 CVE-2020-11494 Missing Initialization of Resource vulnerability in multiple products
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2.
local
low complexity
linux opensuse debian canonical CWE-909
4.4
2020-03-24 CVE-2020-10942 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
local
high complexity
linux opensuse debian canonical CWE-787
5.3
2020-02-25 CVE-2020-9383 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel 3.16 through 5.5.6.
local
low complexity
linux debian opensuse canonical netapp CWE-125
7.1
2020-02-14 CVE-2020-8992 Excessive Iteration vulnerability in multiple products
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.
local
low complexity
linux canonical opensuse netapp CWE-834
5.5
2020-02-06 CVE-2020-8649 Use After Free vulnerability in multiple products
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
low complexity
linux opensuse debian CWE-416
5.9