5.0.3

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-12	CVE-2019-11191	Race Condition vulnerability in Linux Kernel The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat. local high complexity linux CWE-362	2.5
2019-04-11	CVE-2019-3460	Improper Input Validation vulnerability in multiple products A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. low complexity linux canonical debian redhat CWE-20	6.5
2019-04-11	CVE-2019-3459	Out-of-bounds Read vulnerability in multiple products A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. low complexity linux canonical redhat debian CWE-125	6.5
2019-04-09	CVE-2019-3887	Incorrect Authorization vulnerability in multiple products A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. local high complexity linux fedoraproject canonical redhat CWE-863	5.6
2019-03-27	CVE-2019-10125	Use After Free vulnerability in multiple products An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. network low complexity linux netapp CWE-416 critical	10.0
2019-01-25	CVE-2019-3819	Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. local low complexity linux debian canonical opensuse CWE-835	4.9
2018-12-17	CVE-2018-20169	Resource Exhaustion vulnerability in multiple products An issue was discovered in the Linux kernel before 4.19.9. low complexity linux canonical debian CWE-400	6.8
2018-10-08	CVE-2018-14656	Improper Input Validation vulnerability in Linux Kernel A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log. local low complexity linux CWE-20	5.5
2018-07-26	CVE-2018-10878	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's ext4 filesystem. local low complexity canonical linux debian redhat CWE-787	7.8
2018-05-21	CVE-2018-1108	Use of Insufficiently Random Values vulnerability in multiple products kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. network high complexity linux canonical debian CWE-330	5.9