4.19.45

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-17	CVE-2019-13272	Improper Privilege Management vulnerability in multiple products In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). local low complexity linux debian fedoraproject canonical redhat netapp CWE-269	7.8
2019-07-05	CVE-2019-10639	Inadequate Encryption Strength vulnerability in Linux Kernel The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. network low complexity linux CWE-326	7.5
2019-07-05	CVE-2019-10638	Inadequate Encryption Strength vulnerability in Linux Kernel In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). network linux CWE-326	4.3
2019-07-04	CVE-2019-13233	Use After Free vulnerability in Linux Kernel In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation. local high complexity linux CWE-416	7.0
2019-06-26	CVE-2019-12984	NULL Pointer Dereference vulnerability in Linux Kernel A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service. network linux CWE-476	4.3
2019-06-25	CVE-2019-12817	Out-of-bounds Write vulnerability in multiple products arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. local high complexity canonical linux fedoraproject debian opensuse redhat CWE-787	7.0
2019-06-19	CVE-2019-11479	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. network low complexity linux f5 canonical redhat CWE-770	7.5
2019-06-19	CVE-2019-11478	Resource Exhaustion vulnerability in multiple products Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. network low complexity linux f5 canonical redhat pulsesecure ivanti CWE-400	7.5
2019-06-19	CVE-2019-11477	Integer Overflow or Wraparound vulnerability in multiple products Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). network low complexity linux f5 canonical redhat pulsesecure ivanti CWE-190	7.5
2019-06-14	CVE-2019-10126	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in the Linux kernel. network low complexity linux redhat canonical debian opensuse netapp CWE-122 critical	9.8