Vulnerabilities > Linux > Linux Kernel > 4.19.45

DATE CVE VULNERABILITY TITLE RISK
2020-05-05 CVE-2020-12657 Use After Free vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.6.5.
local
low complexity
linux CWE-416
4.6
2020-05-05 CVE-2020-12656 Memory Leak vulnerability in multiple products
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak.
local
low complexity
linux canonical opensuse CWE-401
5.5
2020-05-05 CVE-2020-12655 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10.
local
low complexity
linux CWE-835
5.5
2020-05-05 CVE-2020-12653 Out-of-bounds Write vulnerability in multiple products
An issue was found in Linux kernel before 5.5.4.
local
low complexity
linux opensuse debian netapp CWE-787
4.6
2020-05-05 CVE-2020-12654 Out-of-bounds Write vulnerability in Linux Kernel
An issue was found in Linux kernel before 5.5.4.
high complexity
linux CWE-787
4.3
2020-05-05 CVE-2020-12652 Race Condition vulnerability in Linux Kernel
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a.
local
linux CWE-362
4.7
2020-05-04 CVE-2020-12114 Race Condition vulnerability in Linux Kernel
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.
local
linux CWE-362
1.9
2020-04-29 CVE-2020-12465 Classic Buffer Overflow vulnerability in multiple products
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf.
local
low complexity
linux netapp CWE-120
6.7
2020-04-29 CVE-2020-12464 Use After Free vulnerability in multiple products
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
local
low complexity
linux netapp CWE-416
6.7
2020-04-29 CVE-2020-11884 Race Condition vulnerability in multiple products
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171.
7.0