Vulnerabilities > Linux > Linux Kernel > 5.4.148

DATE CVE VULNERABILITY TITLE RISK
2020-04-12 CVE-2020-11725 Unspecified vulnerability in Linux Kernel
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info->owner field to represent data unrelated to the "owner" concept.
local
low complexity
linux
7.8
2020-04-06 CVE-2020-11565 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.2.
local
low complexity
linux canonical CWE-787
6.0
2020-02-25 CVE-2020-9383 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel 3.16 through 5.5.6.
local
low complexity
linux debian opensuse canonical netapp CWE-125
7.1
2020-01-31 CVE-2019-3016 Race Condition vulnerability in Linux Kernel
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest.
local
high complexity
linux CWE-362
4.7
2019-08-19 CVE-2018-20976 Use After Free vulnerability in Linux Kernel
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18.
local
low complexity
linux CWE-416
7.8
2019-08-19 CVE-2016-10905 Use After Free vulnerability in Linux Kernel
An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8.
local
low complexity
linux CWE-416
7.8
2019-07-26 CVE-2018-20854 Out-of-bounds Read vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 4.20.
local
low complexity
linux CWE-125
7.8
2019-04-22 CVE-2019-3901 Improper Locking vulnerability in multiple products
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs.
local
high complexity
linux debian netapp CWE-667
4.7
2019-04-09 CVE-2019-3887 Incorrect Authorization vulnerability in multiple products
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled.
local
high complexity
linux fedoraproject canonical redhat CWE-863
5.6
2018-12-17 CVE-2018-20169 Resource Exhaustion vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.19.9.
low complexity
linux canonical debian CWE-400
6.8