Linux Kernel CVE Statistics
18 Linux Kernel CVEs in November 2020
Full month · Source: NIST NVD
In November 2020, 18 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 5 were rated High severity and 11 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. November's 18 CVEs represent 14% of all 2020 Linux kernel CVEs , up from October's 7 (a 157% month-over-month increase) .
18
Total CVEs
0
Critical
5
High
11
Medium
2
Low
0
KEV Exploited
All CVEs — November 2020
18 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2020-25661 | linux | High | 8.8 | 2020-11-05 | A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled… | |
| CVE-2020-25705 | linux | High | 7.4 | 2020-11-17 | A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an of… | |
| CVE-2020-29370 | linux | High | 7.0 | 2020-11-28 | An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the… | |
| CVE-2020-29368 | linux | High | 7.0 | 2020-11-28 | An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write imp… | |
| CVE-2020-29369 | linux | High | 7.0 | 2020-11-28 | An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expan… | |
| CVE-2020-15436 | linux | Medium | 6.7 | 2020-11-23 | Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or … | |
| CVE-2020-29373 | linux | Medium | 6.5 | 2020-11-28 | An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during … | |
| CVE-2020-25662 | linux | Medium | 6.5 | 2020-11-05 | A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation h… | |
| CVE-2020-28915 | linux | Medium | 5.8 | 2020-11-18 | A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by loca… | |
| CVE-2020-28941 | linux | Medium | 5.5 | 2020-11-19 | An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers… | |
| CVE-2020-8694 | linux | Medium | 5.5 | 2020-11-12 | Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to … | |
| CVE-2020-27152 | linux | Medium | 5.5 | 2020-11-06 | An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an … | |
| CVE-2019-20934 | linux | Medium | 5.3 | 2020-11-28 | An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-fre… | |
| CVE-2020-28974 | linux | Medium | 5.0 | 2020-11-20 | A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged… | |
| CVE-2020-29372 | linux | Medium | 4.7 | 2020-11-28 | An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition betwe… |