Vulnerabilities > Linux > Linux Kernel > 5.6.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-18 | CVE-2020-13143 | Out-of-bounds Read vulnerability in multiple products gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. | 6.5 |
2020-05-15 | CVE-2020-12888 | Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. | 5.3 |
2020-05-09 | CVE-2020-12770 | An issue was discovered in the Linux kernel through 5.6.11. | 6.7 |
2020-05-05 | CVE-2020-12659 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 5.6.7. | 6.7 |
2020-05-05 | CVE-2020-12656 | Memory Leak vulnerability in multiple products gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. | 5.5 |
2020-05-05 | CVE-2020-12655 | Infinite Loop vulnerability in Linux Kernel An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. | 5.5 |
2020-04-29 | CVE-2020-12464 | Use After Free vulnerability in multiple products usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. | 6.7 |
2020-04-29 | CVE-2020-11884 | Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. | 7.0 |
2020-01-31 | CVE-2019-3016 | Race Condition vulnerability in Linux Kernel In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. | 4.7 |
2019-12-08 | CVE-2019-19448 | Use After Free vulnerability in multiple products In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. | 7.8 |