4.9.191

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-18	CVE-2019-19051	Memory Leak vulnerability in multiple products A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7. local low complexity linux debian canonical opensuse CWE-401	5.5
2019-11-18	CVE-2019-19046	Memory Leak vulnerability in multiple products A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. network low complexity linux fedoraproject opensuse CWE-401	6.5
2019-11-14	CVE-2019-0145	Classic Buffer Overflow vulnerability in multiple products Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. local low complexity intel linux CWE-120	7.8
2019-11-04	CVE-2019-18683	Use After Free vulnerability in multiple products An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. local high complexity linux canonical opensuse netapp broadcom debian CWE-416	7.0
2019-10-17	CVE-2019-17666	Classic Buffer Overflow vulnerability in multiple products rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. low complexity linux debian canonical CWE-120	8.8
2019-10-04	CVE-2019-17133	Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. network low complexity linux debian canonical opensuse CWE-120 critical	9.8
2019-10-01	CVE-2019-17075	Unspecified vulnerability in Linux Kernel An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. network low complexity linux	7.5
2019-10-01	CVE-2019-17056	Incorrect Default Permissions vulnerability in Linux Kernel llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176. local low complexity linux CWE-276	3.3
2019-10-01	CVE-2019-17055	Missing Authorization vulnerability in multiple products base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. local low complexity linux debian fedoraproject canonical opensuse redhat CWE-862	3.3
2019-10-01	CVE-2019-17054	Incorrect Default Permissions vulnerability in Linux Kernel atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c. local low complexity linux CWE-276	3.3