CVE-2020-0423 CVE-2020-8694 CVE-2020-14351 CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-25705 CVE-2020-27673 CVE-2020-27675 CVE-2020-28941 CVE-2020-28974 Debian Bug : 949863 968623 971058
Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.
CVE-2019-19039
"Team bobfuzzer" reported a bug in Btrfs that could lead to an
assertion failure (WARN). A user permitted to mount and access
arbitrary filesystems could use this to cause a denial of service
(crash) if the panic_on_warn kernel parameter is set.
CVE-2019-19377
"Team bobfuzzer" reported a bug in Btrfs that could lead to a
use-after-free. A user permitted to mount and access arbitrary
filesystems could use this to cause a denial of service (crash or
memory corruption) or possibly for privilege escalation.
CVE-2019-19770
The syzbot tool discovered a race condition in the block I/O
tracer (blktrace) that could lead to a system crash. Since
blktrace can only be controlled by privileged users, the security
impact of this is unclear.
CVE-2019-19816
"Team bobfuzzer" reported a bug in Btrfs that could lead to an
out-of-bounds write. A user permitted to mount and access
arbitrary filesystems could use this to cause a denial of service
(crash or memory corruption) or possibly for privilege escalation.
CVE-2020-0423
A race condition was discovered in the Android binder driver, that
could result in a use-after-free. On systems using this driver, a
local user could use this to cause a denial of service (crash or
memory corruption) or possibly for privilege escalation.
CVE-2020-8694
Multiple researchers discovered that the powercap subsystem
allowed all users to read CPU energy meters, by default. On
systems...
4.19.160-2~deb9u1