5.4.2

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-06	CVE-2020-8648	Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. local low complexity linux debian opensuse netapp broadcom canonical CWE-416	3.6
2020-02-06	CVE-2020-8647	Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. local low complexity linux debian opensuse CWE-416	3.6
2020-01-31	CVE-2019-3016	Race Condition vulnerability in Linux Kernel In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. local high complexity linux CWE-362	4.7
2020-01-29	CVE-2020-8428	Use After Free vulnerability in Linux Kernel fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. local low complexity linux CWE-416	3.6
2019-12-25	CVE-2019-19965	NULL Pointer Dereference vulnerability in multiple products In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. local linux debian canonical netapp opensuse CWE-476	1.9
2019-12-24	CVE-2019-19947	Use of Uninitialized Resource vulnerability in multiple products In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. low complexity linux debian canonical netapp CWE-908	4.6
2019-12-08	CVE-2019-19448	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. local low complexity linux debian canonical netapp CWE-416	7.8
2019-12-08	CVE-2019-19447	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c. local low complexity linux netapp CWE-416	7.8
2019-11-29	CVE-2019-19377	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. local low complexity linux netapp CWE-416	7.8
2019-11-29	CVE-2019-14901	Heap-based Buffer Overflow vulnerability in multiple products A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. network low complexity linux fedoraproject debian canonical CWE-122 critical	9.8