Vulnerabilities > Linux > Linux Kernel > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-02-06 CVE-2020-8649 Use After Free vulnerability in multiple products
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
low complexity
linux opensuse debian CWE-416
5.9
2020-02-06 CVE-2020-8647 Use After Free vulnerability in multiple products
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
local
low complexity
linux debian opensuse CWE-416
6.1
2020-01-31 CVE-2019-3016 Race Condition vulnerability in Linux Kernel
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest.
local
high complexity
linux CWE-362
4.7
2020-01-27 CVE-2019-20422 Improper Handling of Exceptional Conditions vulnerability in Linux Kernel
In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db.
local
low complexity
linux CWE-755
5.5
2020-01-16 CVE-2019-18282 Use of Insufficiently Random Values vulnerability in multiple products
The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f.
network
low complexity
linux debian netapp CWE-330
5.3
2020-01-15 CVE-2007-4774 Race Condition vulnerability in Linux Kernel
The Linux kernel before 2.4.36-rc1 has a race condition.
network
high complexity
linux CWE-362
5.9
2020-01-09 CVE-2019-19332 An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor.
local
low complexity
linux redhat
6.1
2019-12-31 CVE-2019-19927 Out-of-bounds Read vulnerability in multiple products
In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c.
local
low complexity
linux opensuse CWE-125
6.0
2019-12-30 CVE-2019-20096 Memory Leak vulnerability in multiple products
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.
local
low complexity
linux debian canonical CWE-401
5.5
2019-12-30 CVE-2019-20095 Memory Leak vulnerability in multiple products
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82.
local
low complexity
linux opensuse netapp CWE-401
5.5