Vulnerabilities > Linux > Linux Kernel > 4.9.203

DATE CVE VULNERABILITY TITLE RISK
2020-11-23 CVE-2020-15437 NULL Pointer Dereference vulnerability in Linux Kernel
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer, which is uninitialized.
local
low complexity
linux CWE-476
4.9
2020-11-23 CVE-2020-15436 Use After Free vulnerability in multiple products
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
local
low complexity
linux broadcom netapp CWE-416
6.7
2020-11-23 CVE-2020-12351 Improper Input Validation vulnerability in Linux Kernel
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
low complexity
linux CWE-20
8.8
2020-11-20 CVE-2020-28974 Out-of-bounds Read vulnerability in multiple products
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095.
local
low complexity
linux debian CWE-125
6.1
2020-11-19 CVE-2020-28941 Release of Invalid Pointer or Reference vulnerability in multiple products
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9.
local
low complexity
linux fedoraproject debian CWE-763
5.5
2020-11-18 CVE-2020-28915 Out-of-bounds Read vulnerability in Linux Kernel
A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.
local
low complexity
linux CWE-125
6.1
2020-11-17 CVE-2020-25705 Use of Insufficiently Random Values vulnerability in multiple products
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports.
network
linux redhat CWE-330
5.8
2020-11-06 CVE-2020-27152 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2.
local
low complexity
linux CWE-835
2.1
2020-10-22 CVE-2020-27675 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x.
local
high complexity
linux fedoraproject debian CWE-416
4.7
2020-10-22 CVE-2020-27673
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x.
local
low complexity
linux debian opensuse xen
5.5