kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.