4.20.13

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-30	CVE-2019-16994	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. local linux opensuse redhat CWE-772	4.7
2019-09-24	CVE-2019-16746	Classic Buffer Overflow vulnerability in multiple products An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. network low complexity linux debian canonical fedoraproject opensuse CWE-120 critical	9.8
2019-09-20	CVE-2019-14816	Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. local low complexity linux redhat debian fedoraproject netapp canonical opensuse CWE-122	7.8
2019-09-20	CVE-2019-14814	Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. local low complexity linux redhat debian canonical opensuse netapp CWE-122	7.8
2019-09-19	CVE-2019-16413	Infinite Loop vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.0.4. network low complexity linux CWE-835	7.5
2019-09-13	CVE-2019-15031	Information Exposure vulnerability in multiple products In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. local low complexity linux canonical opensuse redhat CWE-200	3.6
2019-09-13	CVE-2019-15030	Missing Authorization vulnerability in multiple products In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. local low complexity linux canonical opensuse redhat CWE-862	3.6
2019-09-06	CVE-2019-16089	NULL Pointer Dereference vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 5.2.13. local high complexity linux CWE-476	4.1
2019-09-04	CVE-2019-15926	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 5.2.3. network low complexity linux debian canonical CWE-125 critical	9.1
2019-09-04	CVE-2019-15925	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 5.2.3. local low complexity linux canonical CWE-125	7.8