Vulnerabilities > Linux > Linux Kernel > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-07-13 CVE-2019-19338 Information Exposure Through Discrepancy vulnerability in multiple products
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs.
local
low complexity
linux redhat CWE-203
5.5
5.5
2020-06-29 CVE-2020-15393 Memory Leak vulnerability in multiple products
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.
local
low complexity
linux debian opensuse canonical CWE-401
5.5
5.5
2020-06-18 CVE-2020-14416 Use After Free vulnerability in multiple products
In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824.
local
low complexity
linux opensuse CWE-416
4.2
4.2
2020-06-12 CVE-2020-10732 A flaw was found in the Linux kernel's implementation of Userspace core dumps.
local
low complexity
linux opensuse canonical netapp
4.4
4.4
2020-06-03 CVE-2019-20812 Resource Exhaustion vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.4.7.
local
low complexity
linux CWE-400
5.5
5.5
2020-06-03 CVE-2019-20811 An issue was discovered in the Linux kernel before 5.0.6.
local
low complexity
linux debian canonical
5.5
5.5
2020-06-03 CVE-2019-20810 Memory Leak vulnerability in multiple products
go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.
local
low complexity
linux opensuse canonical CWE-401
5.5
5.5
2020-05-27 CVE-2019-20806 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.2.
local
low complexity
linux CWE-476
4.4
4.4
2020-05-22 CVE-2020-10711 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7.
network
high complexity
linux redhat debian opensuse canonical CWE-476
5.9
5.9
2020-05-18 CVE-2020-13143 Out-of-bounds Read vulnerability in multiple products
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.
network
low complexity
linux opensuse debian canonical netapp CWE-125
6.5
6.5