Vulnerabilities > Linux > Linux Kernel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-23 | CVE-2020-12351 | Improper Input Validation vulnerability in Linux Kernel Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | 8.8 |
| 2020-11-17 | CVE-2020-25705 | A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. | 7.4 |
| 2020-10-13 | CVE-2020-25645 | A flaw was found in the Linux kernel in versions before 5.9-rc7. | 7.5 |
| 2020-10-06 | CVE-2020-25643 | A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. | 7.2 |
| 2020-09-16 | CVE-2020-14386 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. | 7.8 |
| 2020-09-10 | CVE-2020-25221 | Operation on a Resource after Expiration or Release vulnerability in multiple products get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. | 7.8 |
| 2020-09-10 | CVE-2020-25220 | Use After Free vulnerability in Linux Kernel The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. | 7.8 |
| 2020-09-09 | CVE-2020-25212 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. | 7.0 |
| 2020-09-09 | CVE-2020-1749 | A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. | 7.5 |
| 2020-08-19 | CVE-2020-14356 | NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. | 7.8 |