Vulnerabilities > Linux > Linux Kernel > 5.6.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-09 | CVE-2019-20794 | Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. | 4.7 |
| 2020-05-05 | CVE-2020-12659 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 5.6.7. | 6.7 |
| 2020-05-05 | CVE-2020-12657 | Use After Free vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.6.5. | 7.8 |
| 2020-05-05 | CVE-2020-12656 | Memory Leak vulnerability in multiple products gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. | 5.5 |
| 2020-05-05 | CVE-2020-12655 | Infinite Loop vulnerability in Linux Kernel An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. | 5.5 |
| 2020-04-29 | CVE-2020-12464 | Use After Free vulnerability in multiple products usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. | 6.7 |
| 2020-04-29 | CVE-2020-11884 | Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. | 7.0 |
| 2020-04-12 | CVE-2020-11725 | Unspecified vulnerability in Linux Kernel snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info->owner field to represent data unrelated to the "owner" concept. | 7.8 |
| 2020-04-10 | CVE-2020-11669 | An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. | 5.5 |
| 2020-04-02 | CVE-2020-11494 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. | 4.4 |