Vulnerabilities > Linux > Linux Kernel > 5.0.1

DATE CVE VULNERABILITY TITLE RISK
2020-05-09 CVE-2019-20794 Resource Exhaustion vulnerability in Linux Kernel
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed.
local
linux CWE-400
4.7
2020-05-08 CVE-2020-10690 Use After Free vulnerability in multiple products
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation.
6.4
2020-05-05 CVE-2020-12659 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.7.
local
low complexity
linux netapp CWE-787
6.7
2020-05-05 CVE-2020-12657 Use After Free vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.6.5.
local
low complexity
linux CWE-416
4.6
2020-05-05 CVE-2020-12656 Memory Leak vulnerability in multiple products
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak.
local
low complexity
linux canonical opensuse CWE-401
5.5
2020-05-05 CVE-2020-12655 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10.
local
low complexity
linux CWE-835
5.5
2020-05-05 CVE-2020-12653 Out-of-bounds Write vulnerability in multiple products
An issue was found in Linux kernel before 5.5.4.
local
low complexity
linux opensuse debian netapp CWE-787
4.6
2020-05-05 CVE-2020-12654 Out-of-bounds Write vulnerability in Linux Kernel
An issue was found in Linux kernel before 5.5.4.
high complexity
linux CWE-787
4.3
2020-05-05 CVE-2020-12652 Race Condition vulnerability in Linux Kernel
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a.
local
linux CWE-362
4.7
2020-05-04 CVE-2020-12114 Race Condition vulnerability in Linux Kernel
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.
local
linux CWE-362
1.9