5.4.7

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-14	CVE-2020-8992	Excessive Iteration vulnerability in multiple products ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. local low complexity linux canonical opensuse netapp CWE-834	5.5
2020-02-06	CVE-2020-8649	Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. low complexity linux opensuse debian CWE-416	5.9
2020-02-06	CVE-2020-8648	Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. local low complexity linux debian opensuse netapp broadcom canonical CWE-416	7.1
2020-02-06	CVE-2020-8647	Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. local low complexity linux debian opensuse CWE-416	6.1
2020-01-31	CVE-2019-3016	Race Condition vulnerability in Linux Kernel In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. local high complexity linux CWE-362	4.7
2020-01-29	CVE-2020-8428	Use After Free vulnerability in Linux Kernel fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. local low complexity linux CWE-416	7.1
2019-12-08	CVE-2019-19448	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. local low complexity linux debian canonical netapp CWE-416	7.8
2019-11-29	CVE-2019-19377	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. local low complexity linux netapp CWE-416	7.8
2019-11-29	CVE-2019-14901	A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. network low complexity linux fedoraproject debian canonical critical	9.8
2019-11-29	CVE-2019-14897	A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. network low complexity linux debian canonical critical	9.8