Vulnerabilities > Linux > Linux Kernel > 5.6.6

DATE CVE VULNERABILITY TITLE RISK
2020-05-27 CVE-2019-20806 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.2.
local
low complexity
linux CWE-476
4.4
2020-05-22 CVE-2020-10711 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7.
network
high complexity
linux redhat debian opensuse canonical CWE-476
5.9
2020-05-18 CVE-2020-13143 Out-of-bounds Read vulnerability in multiple products
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.
network
low complexity
linux opensuse debian canonical netapp CWE-125
6.5
2020-05-15 CVE-2020-12888 Improper Handling of Exceptional Conditions vulnerability in multiple products
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
5.3
2020-05-09 CVE-2020-12771 Improper Locking vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.11.
5.5
2020-05-09 CVE-2020-12770 An issue was discovered in the Linux kernel through 5.6.11.
local
low complexity
linux fedoraproject canonical debian netapp
6.7
2020-05-09 CVE-2019-20794 Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed.
local
high complexity
linux CWE-772
4.7
2020-05-05 CVE-2020-12659 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.7.
local
low complexity
linux netapp CWE-787
6.7
2020-05-05 CVE-2020-12656 Memory Leak vulnerability in multiple products
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak.
local
low complexity
linux canonical opensuse CWE-401
5.5
2020-05-05 CVE-2020-12655 Infinite Loop vulnerability in Linux Kernel
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10.
local
low complexity
linux CWE-835
5.5