Linux Kernel CVE Statistics
15 Linux Kernel CVEs in April 2019
Full month · Source: NIST NVD
In April 2019, 15 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 6 were rated High severity and 8 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. April's 15 CVEs represent 5% of all 2019 Linux kernel CVEs , up from March's 8 (a 88% month-over-month increase) .
15
Total CVEs
0
Critical
6
High
8
Medium
1
Low
0
KEV Exploited
All CVEs — April 2019
15 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2019-11487 | linux | High | 7.8 | 2019-04-23 | The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, … | |
| CVE-2019-8956 | linux | High | 7.8 | 2019-04-01 | In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sct… | |
| CVE-2019-3900 | linux | High | 7.7 | 2019-04-25 | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while han… | |
| CVE-2019-7303 | linux | High | 7.5 | 2019-04-23 | A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert cha… | |
| CVE-2019-11599 | linux | High | 7.0 | 2019-04-29 | The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma l… | |
| CVE-2019-11486 | linux | High | 7.0 | 2019-04-23 | The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race co… | |
| CVE-2019-3460 | linux | Medium | 6.5 | 2019-04-11 | A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. | |
| CVE-2019-3459 | linux | Medium | 6.5 | 2019-04-11 | A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. | |
| CVE-2013-7470 | linux | Medium | 5.9 | 2019-04-23 | cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allo… | |
| CVE-2018-20510 | linux | Medium | 5.5 | 2019-04-30 | The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local user… | |
| CVE-2018-20509 | linux | Medium | 5.5 | 2019-04-30 | The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obt… | |
| CVE-2019-3882 | linux | Medium | 5.5 | 2019-04-24 | A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory… | |
| CVE-2018-20449 | linux | Medium | 5.5 | 2019-04-04 | The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain … | |
| CVE-2019-11190 | linux | Medium | 4.7 | 2019-04-12 | The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec… | |
| CVE-2019-11191 | linux | Low | 2.5 | 2019-04-12 | The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass … |