Linux Kernel CVE Statistics
22 Linux Kernel CVEs in September 2020
Full month · Source: NIST NVD
In September 2020, 22 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 6 were rated High severity and 16 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. September's 22 CVEs represent 17% of all 2020 Linux kernel CVEs , up from August's 2 (a 1000% month-over-month increase) .
22
Total CVEs
0
Critical
6
High
16
Medium
0
Low
0
KEV Exploited
All CVEs — September 2020
22 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2020-14386 | linux | High | 7.8 | 2020-09-16 | A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from un… | |
| CVE-2020-25221 | linux | High | 7.8 | 2020-09-10 | get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incor… | |
| CVE-2020-25220 | linux | High | 7.8 | 2020-09-10 | The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because … | |
| CVE-2020-15590 | linux | High | 7.5 | 2020-09-14 | A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to b… | |
| CVE-2020-1749 | linux | High | 7.5 | 2020-09-09 | A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE t… | |
| CVE-2020-25212 | linux | High | 7.0 | 2020-09-09 | A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt m… | |
| CVE-2020-14331 | linux | Medium | 6.6 | 2020-09-15 | A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker at… | |
| CVE-2020-25285 | linux | Medium | 6.4 | 2020-09-13 | A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by loca… | |
| CVE-2020-25211 | linux | Medium | 6.0 | 2020-09-09 | In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a loca… | |
| CVE-2020-14390 | linux | Medium | 5.6 | 2020-09-18 | A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory wri… | |
| CVE-2020-26088 | linux | Medium | 5.5 | 2020-09-24 | A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used … | |
| CVE-2020-10768 | linux | Medium | 5.5 | 2020-09-16 | A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect br… | |
| CVE-2020-10781 | linux | Medium | 5.5 | 2020-09-16 | A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and th… | |
| CVE-2020-10767 | linux | Medium | 5.5 | 2020-09-15 | A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Predict… | |
| CVE-2020-14385 | linux | Medium | 5.5 | 2020-09-15 | A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause a… |