5.3.12

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-18	CVE-2019-19050	Memory Leak vulnerability in multiple products A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. network low complexity linux fedoraproject canonical netapp broadcom CWE-401	7.5
2019-11-07	CVE-2019-18812	Memory Leak vulnerability in Linux Kernel A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef. network low complexity linux CWE-401	7.5
2019-11-04	CVE-2019-18683	Use After Free vulnerability in multiple products An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. local high complexity linux canonical opensuse netapp broadcom debian CWE-416	7.0
2019-08-19	CVE-2018-20976	Use After Free vulnerability in Linux Kernel An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. local low complexity linux CWE-416	7.8
2019-08-19	CVE-2016-10905	Use After Free vulnerability in Linux Kernel An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. local low complexity linux CWE-416	7.8
2019-08-16	CVE-2019-15099	NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. network low complexity linux canonical CWE-476	7.5
2019-07-26	CVE-2018-20854	Out-of-bounds Read vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.20. local low complexity linux CWE-125	7.8
2019-04-22	CVE-2019-3901	A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. local high complexity linux debian netapp	4.7
2019-04-12	CVE-2019-11190	Race Condition vulnerability in Linux Kernel The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat. local high complexity linux CWE-362	4.7
2019-04-09	CVE-2019-3887	A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. local high complexity linux fedoraproject canonical redhat	5.6