5.6.13

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-18	CVE-2020-13143	Out-of-bounds Read vulnerability in multiple products gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. network low complexity linux opensuse debian canonical netapp CWE-125	6.5
2020-05-15	CVE-2020-12888	Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. local high complexity linux fedoraproject opensuse debian canonical netapp CWE-755	5.3
2020-01-31	CVE-2019-3016	Race Condition vulnerability in Linux Kernel In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. local high complexity linux CWE-362	4.7
2019-12-08	CVE-2019-19448	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. local low complexity linux debian canonical netapp CWE-416	7.8
2019-08-19	CVE-2018-20976	Use After Free vulnerability in Linux Kernel An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. local low complexity linux CWE-416	7.8
2019-08-19	CVE-2016-10905	Use After Free vulnerability in Linux Kernel An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. local low complexity linux CWE-416	7.8
2019-07-26	CVE-2018-20854	Out-of-bounds Read vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.20. local low complexity linux CWE-125	7.8
2019-04-22	CVE-2019-3901	Improper Locking vulnerability in multiple products A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. local high complexity linux debian netapp CWE-667	4.7
2019-04-09	CVE-2019-3887	Incorrect Authorization vulnerability in multiple products A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. local high complexity linux fedoraproject canonical redhat CWE-863	5.6
2019-01-25	CVE-2019-3819	Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. local low complexity linux debian canonical opensuse CWE-835	4.9