Vulnerabilities > Linux > Linux Kernel > 5.2.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-12 | CVE-2020-11725 | Unspecified vulnerability in Linux Kernel snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info->owner field to represent data unrelated to the "owner" concept. | 7.8 |
2020-04-08 | CVE-2019-20636 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. | 6.7 |
2020-04-06 | CVE-2020-11565 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel through 5.6.2. | 6.0 |
2020-02-25 | CVE-2020-9383 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. | 7.1 |
2020-01-31 | CVE-2019-3016 | Race Condition vulnerability in Linux Kernel In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. | 4.7 |
2020-01-09 | CVE-2019-19332 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. | 6.1 |
2019-12-24 | CVE-2019-19947 | Use of Uninitialized Resource vulnerability in multiple products In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. | 4.6 |
2019-12-22 | CVE-2019-19922 | Resource Exhaustion vulnerability in multiple products kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. | 5.5 |
2019-12-15 | CVE-2019-19807 | Use After Free vulnerability in multiple products In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. | 7.8 |
2019-12-12 | CVE-2019-19769 | Use After Free vulnerability in multiple products In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h). | 6.7 |