5.3.17

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-14	CVE-2020-8992	Excessive Iteration vulnerability in multiple products ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. local low complexity linux canonical opensuse netapp CWE-834	5.5
2020-02-06	CVE-2020-8649	Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. low complexity linux opensuse debian CWE-416	5.9
2020-02-06	CVE-2020-8648	Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. local low complexity linux debian opensuse netapp broadcom canonical CWE-416	7.1
2020-02-06	CVE-2020-8647	Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. local low complexity linux debian opensuse CWE-416	6.1
2020-01-31	CVE-2019-3016	Race Condition vulnerability in Linux Kernel In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. local high complexity linux CWE-362	4.7
2020-01-29	CVE-2020-8428	Use After Free vulnerability in Linux Kernel fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. local low complexity linux CWE-416	7.1
2020-01-09	CVE-2019-19332	An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. local low complexity linux redhat	6.1
2019-12-25	CVE-2019-19965	NULL Pointer Dereference vulnerability in multiple products In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. local high complexity linux debian canonical netapp opensuse CWE-476	4.7
2019-12-24	CVE-2019-19947	Use of Uninitialized Resource vulnerability in multiple products In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. low complexity linux debian canonical netapp CWE-908	4.6
2019-12-17	CVE-2019-19241	Unspecified vulnerability in Linux Kernel In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. local low complexity linux	7.8