Vulnerabilities > Linux > Linux Kernel > 4.20.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-16 | CVE-2019-15090 | Out-of-bounds Read vulnerability in Linux Kernel An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. | 4.6 |
| 2019-07-26 | CVE-2019-14284 | Divide By Zero vulnerability in Linux Kernel In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. | 2.1 |
| 2019-07-26 | CVE-2019-14283 | Out-of-bounds Read vulnerability in Linux Kernel In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. | 4.6 |
| 2019-07-26 | CVE-2018-20854 | Out-of-bounds Read vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.20. | 7.8 |
| 2019-07-19 | CVE-2019-13648 | Resource Management Errors vulnerability in Linux Kernel In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. | 5.5 |
| 2019-07-17 | CVE-2019-13631 | Out-of-bounds Write vulnerability in Linux Kernel In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. | 6.8 |
| 2019-07-17 | CVE-2019-13272 | Improper Privilege Management vulnerability in multiple products In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). | 7.8 |
| 2019-07-05 | CVE-2019-10639 | Inadequate Encryption Strength vulnerability in Linux Kernel The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. | 7.5 |
| 2019-07-05 | CVE-2019-10638 | Inadequate Encryption Strength vulnerability in Linux Kernel In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). | 4.3 |
| 2019-07-04 | CVE-2019-13233 | Use After Free vulnerability in Linux Kernel In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation. | 7.0 |