5.4.16

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-09	CVE-2020-11668	NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770. local low complexity linux CWE-476	5.6
2020-04-07	CVE-2020-11609	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. local low complexity linux canonical CWE-476	4.9
2020-04-07	CVE-2020-11608	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the Linux kernel before 5.6.1. local low complexity linux canonical CWE-476	4.9
2020-04-06	CVE-2020-11565	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel through 5.6.2. local low complexity linux canonical CWE-787	6.0
2020-04-02	CVE-2020-11494	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. local low complexity linux opensuse debian canonical CWE-909	2.1
2020-04-02	CVE-2020-8835	Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. local low complexity linux fedoraproject canonical netapp CWE-787	7.8
2020-03-24	CVE-2020-10942	Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. local linux opensuse debian canonical CWE-787	5.4
2020-02-25	CVE-2020-9383	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. local low complexity linux debian opensuse canonical netapp CWE-125	7.1
2020-02-14	CVE-2020-8992	Excessive Iteration vulnerability in multiple products ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. local low complexity linux canonical opensuse netapp CWE-834	4.9
2020-02-06	CVE-2020-8649	Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. local low complexity linux opensuse debian CWE-416	3.6