Vulnerabilities > Linux > Linux Kernel > 4.19.138

DATE CVE VULNERABILITY TITLE RISK
2019-08-19 CVE-2019-15211 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.2.6.
4.6
2019-08-19 CVE-2018-20976 Use After Free vulnerability in Linux Kernel
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18.
local
low complexity
linux CWE-416
7.8
2019-08-19 CVE-2016-10905 Use After Free vulnerability in Linux Kernel
An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8.
local
low complexity
linux CWE-416
7.8
2019-08-16 CVE-2019-15118 Uncontrolled Recursion vulnerability in multiple products
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
local
low complexity
linux canonical debian opensuse netapp CWE-674
5.5
2019-08-16 CVE-2019-15117 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.
local
low complexity
linux CWE-119
7.8
2019-08-16 CVE-2019-15098 NULL Pointer Dereference vulnerability in multiple products
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
4.6
2019-07-30 CVE-2018-16871 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20.
network
low complexity
linux redhat netapp CWE-476
7.5
2019-07-19 CVE-2019-13648 Resource Management Errors vulnerability in Linux Kernel
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame.
local
low complexity
linux CWE-399
5.5
2019-07-17 CVE-2019-13631 Out-of-bounds Write vulnerability in Linux Kernel
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
low complexity
linux CWE-787
6.8
2019-07-05 CVE-2019-10639 Inadequate Encryption Strength vulnerability in Linux Kernel
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass.
network
low complexity
linux CWE-326
7.5