Linux Kernel CVE Statistics
18 Linux Kernel CVEs in April 2020
Full month · Source: NIST NVD
In April 2020, 18 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 7 were rated High severity and 11 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. April's 18 CVEs represent 14% of all 2020 Linux kernel CVEs , up from March's 1 (a 1700% month-over-month increase) .
18
Total CVEs
0
Critical
7
High
11
Medium
0
Low
0
KEV Exploited
All CVEs — April 2020
18 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2019-15793 | linux | High | 8.8 | 2020-04-24 | In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several location… | |
| CVE-2019-15792 | linux | High | 7.8 | 2020-04-24 | In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_io… | |
| CVE-2019-15791 | linux | High | 7.8 | 2020-04-24 | In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_io… | |
| CVE-2020-11725 | linux | High | 7.8 | 2020-04-12 | snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later af… | |
| CVE-2020-8835 | linux | High | 7.8 | 2020-04-02 | In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bo… | |
| CVE-2020-11668 | linux | High | 7.1 | 2020-04-09 | In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles … | |
| CVE-2020-11884 | linux | High | 7.0 | 2020-04-29 | In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as d… | |
| CVE-2020-12465 | linux | Medium | 6.7 | 2020-04-29 | An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel b… | |
| CVE-2020-12464 | linux | Medium | 6.7 | 2020-04-29 | usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer oc… | |
| CVE-2019-15794 | linux | Medium | 6.7 | 2020-04-24 | Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 … | |
| CVE-2019-20636 | linux | Medium | 6.7 | 2020-04-08 | In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demon… | |
| CVE-2020-8834 | linux | Medium | 6.5 | 2020-04-09 | KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_ent… | |
| CVE-2020-11565 | linux | Medium | 6.0 | 2020-04-06 | An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bo… | |
| CVE-2020-8832 | linux | Medium | 5.5 | 2020-04-10 | The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data stru… | |
| CVE-2020-11669 | linux | Medium | 5.5 | 2020-04-10 | An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does … |