QID 353133

a flaw was found in the linux kernel.
A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges.
the highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (
( CVE-2020-14351) a flaw was found in the linux kernel.
A use-after-free was found in the way the console subsystem was using ioctls kdgkbsent and kdskbsent.
A local user could use this flaw to get read memory access out of bounds.
The highest threat from this vulnerability is to data confidentiality. (
( CVE-2020-25656) a use-after-free flaw was found in the linux kernels tty driver functionality in the way the user triggers the con_font_op function.
This flaw allows a local user to crash or escalate their privileges on the system or expose sensitive information (kernel memory). (
( CVE-2020-25668) a memory leak flaw was found in the linux kernels performance monitoring subsystem when using perf_event_ioc_set_filter.
This flaw allows a local user to starve the resources, causing a denial of service.
The highest threat from this vulnerability is to system availability. (
( CVE-2020-25704) an issue was discovered in the linux kernel through 5.9.1, as used with xen through 4.14.x.
Guest os users can cause a denial of service (host os hang) via a high rate of events to dom0, aka cid-e99502f76271. (
( CVE-2020-27673) an issue was discovered in the linux kernel through 5.9.1, as used with xen through 4.14.x.
Drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition).
( CVE-2020-28974)

Successful exploitation of this vulnerability could lead to a securitybreach or could affect integrity, availability, and confidentiality.