Vulnerabilities > Linux > Linux Kernel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-09 | CVE-2020-10757 | Type Confusion vulnerability in multiple products A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. | 7.8 |
| 2020-06-09 | CVE-2020-13974 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Linux kernel 4.4 through 5.7.1. | 7.8 |
| 2020-05-08 | CVE-2019-14898 | The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. | 7.0 |
| 2020-05-05 | CVE-2020-12657 | Use After Free vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.6.5. | 7.8 |
| 2020-05-05 | CVE-2020-12653 | Out-of-bounds Write vulnerability in multiple products An issue was found in Linux kernel before 5.5.4. | 7.8 |
| 2020-05-05 | CVE-2020-12654 | Out-of-bounds Write vulnerability in Linux Kernel An issue was found in Linux kernel before 5.5.4. | 7.1 |
| 2020-04-29 | CVE-2020-11884 | Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. | 7.0 |
| 2020-04-24 | CVE-2019-15793 | Incorrect Default Permissions vulnerability in multiple products In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated into the s_user_ns for the lower filesystem. | 8.8 |
| 2020-04-24 | CVE-2019-15792 | Type Confusion vulnerability in multiple products In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file->private_data, a void* that points to a filesystem-dependent type, to a "struct shiftfs_file_info *". | 7.8 |
| 2020-04-24 | CVE-2019-15791 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. | 7.8 |