Vulnerabilities > Linux > Linux Kernel > 4.4.236

DATE CVE VULNERABILITY TITLE RISK
2020-05-18 CVE-2020-13143 Out-of-bounds Read vulnerability in multiple products
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.
network
low complexity
linux opensuse debian canonical netapp CWE-125
6.5
2020-05-15 CVE-2020-12888 Improper Handling of Exceptional Conditions vulnerability in multiple products
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
5.3
2020-05-09 CVE-2020-12770 An issue was discovered in the Linux kernel through 5.6.11.
local
low complexity
linux fedoraproject canonical debian netapp
6.7
2020-05-09 CVE-2020-12768 Memory Leak vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.
local
low complexity
linux canonical debian CWE-401
5.5
2020-05-08 CVE-2020-10690 Use After Free vulnerability in multiple products
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation.
6.4
2020-05-05 CVE-2020-12656 Memory Leak vulnerability in multiple products
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak.
local
low complexity
linux canonical opensuse CWE-401
5.5
2020-05-05 CVE-2020-12655 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10.
local
low complexity
linux CWE-835
5.5
2020-04-12 CVE-2020-11725 Unspecified vulnerability in Linux Kernel
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info->owner field to represent data unrelated to the "owner" concept.
local
low complexity
linux
7.8
2020-04-06 CVE-2020-11565 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.2.
local
low complexity
linux canonical CWE-787
6.0
2020-02-25 CVE-2020-9383 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel 3.16 through 5.5.6.
local
low complexity
linux debian opensuse canonical netapp CWE-125
7.1