Vulnerabilities > Linux > Linux Kernel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-05 | CVE-2020-12655 | Infinite Loop vulnerability in Linux Kernel An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. | 5.5 |
| 2020-05-05 | CVE-2020-12652 | Race Condition vulnerability in Linux Kernel The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. | 4.1 |
| 2020-05-04 | CVE-2020-12114 | Race Condition vulnerability in Linux Kernel A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter. | 4.7 |
| 2020-04-29 | CVE-2020-12465 | Classic Buffer Overflow vulnerability in multiple products An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. | 6.7 |
| 2020-04-29 | CVE-2020-12464 | Use After Free vulnerability in multiple products usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. | 6.7 |
| 2020-04-24 | CVE-2019-15794 | Operation on a Resource after Expiration or Release vulnerability in multiple products Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. | 6.7 |
| 2020-04-10 | CVE-2020-11669 | An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. | 5.5 |
| 2020-04-09 | CVE-2020-8834 | Race Condition vulnerability in multiple products KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. | 6.5 |
| 2020-04-08 | CVE-2019-20636 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. | 6.7 |
| 2020-04-07 | CVE-2020-11609 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. | 4.3 |