The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
** DISPUTED ** A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control these failures at probe time.
Base Score: 7.8
Impact Score: 6.9
Exploitability Score: 10
Base Score: 7.5
Impact Score: 3.6
Exploitability Score: 3.9
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 5.3.11 (inclusive)
|134658||Ubuntu 18.04 LTS / 19.10 : Linux kernel vulnerabilities (USN-4300-1)||Nessus||Ubuntu Local Security Checks|
|131334||Fedora 31 : kernel (2019-34a75d7e61)||Nessus||Fedora Local Security Checks|
|131332||Fedora 30 : kernel (2019-021c968423)||Nessus||Fedora Local Security Checks|