CVE-2020-12351 CVE-2020-12352 CVE-2020-12655 CVE-2020-12771 CVE-2020-12888 CVE-2020-14305 CVE-2020-14314 CVE-2020-14331 CVE-2020-14356 CVE-2020-14386 CVE-2020-14390 CVE-2020-15393 CVE-2020-16166 CVE-2020-24490 CVE-2020-25211 CVE-2020-25212 CVE-2020-25220 CVE-2020-25284 CVE-2020-25285 CVE-2020-25641 CVE-2020-25643 CVE-2020-26088
Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.
CVE-2019-9445
A potential out-of-bounds read was discovered in the F2FS
implementation. A user permitted to mount and access arbitrary
filesystems could potentially use this to cause a denial of
service (crash) or to read sensitive information.
CVE-2019-19073, CVE-2019-19074
Navid Emamdoost discovered potential memory leaks in the ath9k and
ath9k_htc drivers. The security impact of these is unclear.
CVE-2019-19448
"Team bobfuzzer" reported a bug in Btrfs that could lead to a
use-after-free, and could be triggered by crafted filesystem
images. A user permitted to mount and access arbitrary
filesystems could use this to cause a denial of service (crash or
memory corruption) or possibly for privilege escalation.
CVE-2020-12351
Andy Nguyen discovered a flaw in the Bluetooth implementation in
the way L2CAP packets with A2MP CID are handled. A remote attacker
within a short distance, knowing the victim's Bluetooth device
address, can send a malicious l2cap packet and cause a denial of
service or possibly arbitrary code execution with kernel
privileges.
CVE-2020-12352
Andy Nguyen discovered a flaw in the Bluetooth implementation.
Stack memory is not properly initialised when handling certain AMP
packets. A remote attacker within a short distance, knowing the
victim's Bluetooth device...
4.9.240-1