5.6.4

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-09	CVE-2020-13974	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Linux kernel 4.4 through 5.7.1. local low complexity linux debian canonical CWE-190	7.8
2020-05-22	CVE-2020-10711	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. network high complexity linux redhat debian opensuse canonical CWE-476	5.9
2020-05-18	CVE-2020-13143	Out-of-bounds Read vulnerability in multiple products gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. network low complexity linux opensuse debian canonical netapp CWE-125	6.5
2020-05-15	CVE-2020-12888	Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. local high complexity linux fedoraproject opensuse debian canonical netapp CWE-755	5.3
2020-05-09	CVE-2020-12770	An issue was discovered in the Linux kernel through 5.6.11. local low complexity linux fedoraproject canonical debian netapp	6.7
2020-05-05	CVE-2020-12659	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 5.6.7. local low complexity linux netapp CWE-787	6.7
2020-05-05	CVE-2020-12656	Memory Leak vulnerability in multiple products gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. local low complexity linux canonical opensuse CWE-401	5.5
2020-05-05	CVE-2020-12655	Infinite Loop vulnerability in Linux Kernel An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. local low complexity linux CWE-835	5.5
2020-04-29	CVE-2020-12464	Use After Free vulnerability in multiple products usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. local low complexity linux netapp CWE-416	6.7
2020-04-29	CVE-2020-11884	Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. local high complexity linux canonical debian fedoraproject netapp CWE-362	7.0