High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-30	CVE-2018-16871	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. network low complexity linux redhat netapp CWE-476	7.5
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2009-11-04	CVE-2009-3547	Operation on a Resource after Expiration or Release vulnerability in multiple products Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. local high complexity linux novell opensuse suse canonical fedoraproject vmware redhat CWE-672	7.0
2009-10-22	CVE-2009-3620	Use of Uninitialized Resource vulnerability in multiple products The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. local low complexity linux fedoraproject canonical redhat opensuse suse CWE-908	7.8