Vulnerabilities > Linux > Linux Kernel > 5.8.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-02 | CVE-2020-26541 | Unspecified vulnerability in Linux Kernel The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. | 6.5 |
| 2020-09-18 | CVE-2020-14390 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.9-rc6. | 5.6 |
| 2020-09-16 | CVE-2020-14386 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. | 7.8 |
| 2020-09-15 | CVE-2020-14385 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. | 5.5 |
| 2020-09-15 | CVE-2020-14314 | A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. | 5.5 |
| 2020-09-13 | CVE-2020-25285 | NULL Pointer Dereference vulnerability in multiple products A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812. | 6.4 |
| 2020-09-13 | CVE-2020-25284 | Incorrect Authorization vulnerability in multiple products The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. | 4.1 |
| 2020-09-10 | CVE-2020-25221 | Operation on a Resource after Expiration or Release vulnerability in multiple products get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. | 7.8 |
| 2020-09-09 | CVE-2020-25211 | Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. | 6.0 |
| 2020-09-03 | CVE-2020-10720 | Use After Free vulnerability in Linux Kernel A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. | 5.5 |