5.2.7

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-17	CVE-2019-14835	Classic Buffer Overflow vulnerability in multiple products A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. local low complexity linux canonical debian fedoraproject opensuse netapp redhat huawei CWE-120	7.8
2019-09-06	CVE-2019-16089	NULL Pointer Dereference vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 5.2.13. local high complexity linux CWE-476	4.1
2019-08-25	CVE-2019-15538	Resource Exhaustion vulnerability in multiple products An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. network low complexity linux canonical netapp opensuse debian fedoraproject CWE-400	7.5
2019-08-23	CVE-2019-15505	Out-of-bounds Read vulnerability in multiple products drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). network low complexity linux debian canonical CWE-125 critical	9.8
2019-08-23	CVE-2019-15504	Double Free vulnerability in multiple products drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir). network low complexity linux canonical CWE-415 critical	9.8
2019-08-19	CVE-2018-20976	Use After Free vulnerability in Linux Kernel An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. local low complexity linux CWE-416	7.8
2019-08-19	CVE-2016-10905	Use After Free vulnerability in Linux Kernel An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. local low complexity linux CWE-416	7.8
2019-08-16	CVE-2019-15118	Uncontrolled Recursion vulnerability in multiple products check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. local low complexity linux canonical debian opensuse netapp CWE-674	5.5
2019-08-16	CVE-2019-15117	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. local low complexity linux CWE-119	7.8
2019-08-16	CVE-2019-15099	NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. network low complexity linux canonical CWE-476	7.5