5.1.13

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-17	CVE-2019-13631	Out-of-bounds Write vulnerability in Linux Kernel In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. low complexity linux CWE-787	6.8
2019-07-17	CVE-2019-13272	Improper Privilege Management vulnerability in multiple products In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). local low complexity linux debian fedoraproject canonical redhat netapp CWE-269	7.8
2019-06-25	CVE-2019-12817	Out-of-bounds Write vulnerability in multiple products arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. local high complexity canonical linux fedoraproject debian opensuse redhat CWE-787	7.0
2019-06-14	CVE-2019-10126	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in the Linux kernel. network low complexity linux redhat canonical debian opensuse netapp CWE-122 critical	9.8
2019-06-03	CVE-2019-12615	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. network low complexity linux netapp CWE-476	7.5
2019-06-03	CVE-2019-3846	Heap-based Buffer Overflow vulnerability in multiple products A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. low complexity linux redhat canonical netapp fedoraproject debian opensuse CWE-122	8.8
2019-04-25	CVE-2019-3900	Infinite Loop vulnerability in multiple products An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). network low complexity linux fedoraproject redhat debian canonical netapp oracle CWE-835	7.7
2019-04-22	CVE-2019-3901	Improper Locking vulnerability in multiple products A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. local high complexity linux debian netapp CWE-667	4.7
2019-04-09	CVE-2019-3887	Incorrect Authorization vulnerability in multiple products A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. local high complexity linux fedoraproject canonical redhat CWE-863	5.6
2019-01-25	CVE-2019-3819	Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. local low complexity linux debian canonical opensuse CWE-835	4.9