Vulnerabilities > Linux > Linux Kernel > 5.4.215
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-22 | CVE-2020-27675 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. | 4.7 |
| 2020-10-06 | CVE-2020-25641 | Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. | 5.5 |
| 2020-09-16 | CVE-2020-10781 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. | 5.5 |
| 2020-09-16 | CVE-2020-10768 | Unspecified vulnerability in Linux Kernel A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. | 5.5 |
| 2020-09-15 | CVE-2020-10767 | Unspecified vulnerability in Linux Kernel A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). | 5.5 |
| 2020-09-15 | CVE-2020-10766 | Unspecified vulnerability in Linux Kernel A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. | 5.5 |
| 2020-09-15 | CVE-2020-14385 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. | 5.5 |
| 2020-09-15 | CVE-2020-14331 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. | 6.6 |
| 2020-09-09 | CVE-2020-25211 | Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. | 6.0 |
| 2020-08-19 | CVE-2020-24394 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. | 7.1 |