Errata ALT-PU-2020-2433-1: Information
Fixes
Published: March 2, 2017
BDU:2017-00767
Уязвимость компонента Kernel Samepage Merging (KSM) операционной системы Linux, позволяющая нарушителю оказать влияние на конфиденциальность информации
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Oct. 11, 2018
BDU:2019-01352
Уязвимость подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Nov. 8, 2018
BDU:2019-02456
Уязвимость реализации протокола NFS ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: June 12, 2019
BDU:2019-02507
Уязвимость компонента arch/powerpc/mm/mmu_context_book3s64.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к содержимому памяти или вызвать повреждение памяти других процессов в системе
Severity: HIGH (7.0) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: April 17, 2019
BDU:2019-02688
Уязвимость реализации протокола Siemens R3964 драйвера drivers/tty/n_r3964.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.0) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 4, 2019
BDU:2019-02751
Уязвимость ядра операционной системы Linux, связанная с использованием памяти после её освобождения, позволяющая нарушителю повысить свои привилегии
Severity: HIGH (8.8) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Links:
Published: March 27, 2019
BDU:2019-02762
Уязвимость функции net_hash_mix () ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
Published: June 14, 2019
BDU:2019-02777
Уязвимость функции do_hidp_sock_ioctl ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: April 27, 2019
BDU:2019-02778
Уязвимость ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании и получить конфиденциальную информацию
Severity: HIGH (7.0) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: May 10, 2019
BDU:2019-02780
Уязвимость файла fs/ext4/extents.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
Published: March 27, 2019
BDU:2019-02915
Уязвимость хеш-функции «jhash» ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Links:
Published: Aug. 19, 2019
BDU:2019-03086
Уязвимость драйвера sound/usb/helper.c (motu_microbookii) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2019-03087
Уязвимость драйвера sound/usb/line6/pcm.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2019-03088
Уязвимость драйвера drivers/net/wireless/intersil/p54/p54usb.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2019-03089
Уязвимость драйвера drivers/usb/misc/sisusbvga/sisusb.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2019-03090
Уязвимость драйвера drivers/media/usb/siano/smsusb.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2019-03091
Уязвимость драйвера drivers/media/usb/zr364xx/zr364xx.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2019-03092
Уязвимость драйвера drivers/usb/misc/yurex.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2019-03093
Уязвимость драйвера drivers/media/usb/cpia2/cpia2_usb.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 16, 2019
BDU:2019-03094
Уязвимость компонентов sound/core/init.c и sound/core/info.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 22, 2019
BDU:2019-03095
Уязвимость драйвера drivers/media/usb/dvb-usb/dvb-usb-init.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2019-03096
Уязвимость драйвера drivers/usb/misc/rio500.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2019-03097
Уязвимость драйвера drivers/media/v4l2-core/v4l2-dev.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 20, 2019
BDU:2019-03209
Уязвимость драйвера drivers/scsi/qedi/qedi_dbg.c ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Severity: MEDIUM (6.2) Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Aug. 4, 2019
BDU:2019-03219
Уязвимость драйвера drivers/net/wireless/ath/ath10k/usb.c ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 16, 2019
BDU:2019-03220
Уязвимость драйвера drivers/net/wireless/ath/ath6kl/usb.c ядра операционных систем Linux, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9)
Links:
Published: Feb. 9, 2019
BDU:2019-03237
Уязвимость драйверов drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c и drivers/char/ipmi/ipmi_si_port_io.c ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Severity: HIGH (7.0) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 17, 2019
BDU:2019-03410
Уязвимость функции set_geometry (drivers/block/floppy.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или раскрыть защищаемую информацию
Severity: MEDIUM (5.6) Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H
Links:
Published: Sept. 5, 2019
BDU:2019-03478
Уязвимость функции nbd_genl_status ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.1) Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 9, 2019
BDU:2019-03479
Уязвимость драйвера sound/usb/line6/driver.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 23, 2019
BDU:2019-03507
Уязвимость компонента net/wireless/nl80211.c ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 13, 2019
BDU:2019-03626
Уязвимость функции parse_hid_report_descriptor() ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании
Severity: MEDIUM (6.8) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 18, 2019
BDU:2019-03627
Уязвимость ядра операционной системы Linux, связанная с ошибкой управления ресурсами, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 17, 2019
BDU:2019-03628
Уязвимость функции setup_format_params() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.2) Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 24, 2019
BDU:2019-03630
Уязвимость модуля vhost_net ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 15, 2019
BDU:2019-03812
Уязвимость функции rtl_p2p_noa_ie из drivers/net/wireless/realtek/rtlwifi/ps.c ядра операционной системы Linux, связанная с переполнением буфера в памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: HIGH (8.8) Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 1, 2019
BDU:2019-03827
Уязвимость функции write_tpt_entry (drivers/infiniband/hw/cxgb4/mem.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 2, 2019
BDU:2019-03996
Уязвимость ядра операционной системы Linux, связанная с отсутствием защиты служебных данных, позволяющая нарушителю раскрыть защищаемую информацию
Severity: LOW (2.8) Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
Links:
Published: Oct. 28, 2019
BDU:2019-04509
Уязвимость функции sof_set_get_large_ctrl_data() (sound/soc/sof/ipc.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 24, 2019
BDU:2019-04510
Уязвимость функции af9005_identify_state() (drivers/media/usb/dvb-usb/af9005.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 5, 2019
BDU:2019-04511
Уязвимость функции ccp_run_sha_cmd() (drivers/crypto/ccp/ccp-ops.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 6, 2019
BDU:2019-04512
Уязвимость функции aa_audit_rule_init() (security/apparmor/audit.c) ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 4, 2019
BDU:2019-04516
Уязвимость функции ql_alloc_large_buffers() (drivers/net/ethernet/qlogic/qla3xxx.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 27, 2019
BDU:2019-04518
Уязвимость функции dwc3_pci_probe() (drivers/usb/dwc3/dwc3-pci.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 18, 2019
BDU:2019-04660
Уязвимость функции mlx5_fpga_conn_create_cq() (drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 4, 2019
BDU:2019-04661
Уязвимость функции gs_can_open() (drivers/net/can/usb/gs_usb.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 9, 2019
BDU:2019-04662
Уязвимость функции mwifiex_pcie_alloc_cmdrsp_buf() (drivers/net/wireless/marvell/mwifiex/pcie.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 7, 2019
BDU:2019-04664
Уязвимость функции nl80211_get_ftm_responder_stats() (net/wireless/nl80211.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 11, 2019
BDU:2019-04665
Уязвимость функции i2400m_op_rfkill_sw_toggle() (drivers/net/wimax/i2400m/op-rfkill.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 7, 2019
BDU:2019-04666
Уязвимость функции cx23888_ir_probe() (drivers/media/pci/cx23885/cx23888-ir.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 23, 2019
BDU:2019-04669
Уязвимость функции unittest_data_add() (drivers/of/unittest.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 11, 2019
BDU:2019-04676
Уязвимость ядра Linux, связанная с переполнения буфера виртуальной памяти, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 18, 2019
BDU:2019-04677
Уязвимость функции Coalesced_MMIO ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность
Severity: HIGH (8.8) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Links:
Published: Feb. 28, 2019
BDU:2019-04720
Уязвимость компонента __xfrm_policy_unlink ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 28, 2019
BDU:2019-04788
Уязвимость функции из marvell/mwifiex/tdls.c драйвера Marvell WiFi ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Nov. 26, 2019
BDU:2019-04798
Уязвимость функции add_ie_rates (drivers/net/wireless/marvell/libertas/cfg.c) драйвера Marvell WiFi ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Nov. 28, 2019
BDU:2019-04799
Уязвимость функции mwifiex_process_country_ie() (drivers/net/wireless/marvell/mwifiex/sta_ioctl.c) драйвера Marvell WiFi ядра операционной системы Linux, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 1, 2019
BDU:2019-04801
Уязвимость функции rtl_usb_probe() (drivers/net/wireless/realtek/rtlwifi/usb.c ) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 10, 2019
BDU:2019-04802
Уязвимость функции crypto_report() (crypto/crypto_user_base.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 2, 2019
BDU:2019-04803
Уязвимость функции acp_hw_init() (drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 1, 2019
BDU:2019-04804
Уязвимость функции spi_gpio_probe() (drivers/spi/spi-gpio.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 1, 2019
BDU:2019-04805
Уязвимость функции rsi_send_beacon() (drivers/net/wireless/rsi/rsi_91x_mgmt.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 9, 2019
BDU:2019-04806
Уязвимость функции alloc_sgtable() (drivers/net/wireless/intel/iwlwifi/fw/dbg.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 9, 2019
BDU:2019-04807
Уязвимость функции mwifiex_pcie_init_evt_ring() (drivers/net/wireless/marvell/mwifiex/pcie.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Links:
Published: Sept. 30, 2019
BDU:2019-04809
Уязвимость функции bfad_im_get_stats() (drivers/scsi/bfa/bfad_attr.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 2, 2019
BDU:2019-04810
Уязвимость функции rtl8xxxu_submit_int_urb() (drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 9, 2019
BDU:2019-04811
Уязвимость функции iwl_pcie_ctxt_info_gen3_init() (drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 9, 2019
BDU:2019-04812
Уязвимость функции adis_update_scan_mode_burst() (drivers/iio/imu/adis_buffer.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
BDU:2019-04828
Уязвимость функции fsl_lpspi_probe() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 9, 2019
BDU:2019-04829
Уязвимость функции adis_update_scan_mode() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 6, 2018
BDU:2019-04830
Уязвимость функции sdma_init() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
BDU:2019-04833
Уязвимость драйверов drivers/net/wireless/ath/ath9k/htc_hst.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 19, 2019
BDU:2019-04854
Уязвимость функции __btrfs_free_extent (fs/btrfs/extent-tree.c) ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Links:
Published: Nov. 20, 2019
BDU:2019-04855
Уязвимость функции ext4_empty_dir (fs/ext4/namei.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Sept. 9, 2019
BDU:2019-04856
Уязвимость функции btrfs_root_node (fs/btrfs/ctree.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: May 4, 2019
BDU:2019-04876
Уязвимость драйвера i40e контроллеров Intel Ethernet серии 700, позволяющая нарушителю повысить свои привилегии
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Nov. 18, 2019
BDU:2019-04892
Уязвимость драйвера drivers/net/wireless/ath/ath9k/htc_hst.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 3, 2019
BDU:2020-00078
Уязвимость функции cfg80211_mgd_wext_giwessid (net/wireless/wext-sme.c) ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: May 5, 2019
BDU:2020-00116
Уязвимость функций net/appletalk/aarp.c и net/appletalk/ddp.c подсистемы AppleTalk ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
BDU:2020-00118
Уязвимость функции clock_source_create() (/gpu /drm/amd/display/dc) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 25, 2019
BDU:2020-00119
Уязвимость функции create_resource_pool() (drivers/gpu/drm/amd/display/dc) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 5, 2019
BDU:2020-00120
Уязвимость функции nfp_flower_spawn_vnic_reprs() (drivers/net/ethernet/netronome/nfp/flower/main.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 25, 2019
BDU:2020-00121
Уязвимость функции nfp_flower_spawn_phy_reprs() (drivers/net/ethernet/netronome/nfp/flower/main.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 5, 2019
BDU:2020-00122
Уязвимость функции rcar_drif_g_fmt_sdr_cap (drivers/media/platform/rcar_drif.c) ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Sept. 11, 2019
BDU:2020-00155
Уязвимость функции qrtr_tun_write_iter() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
BDU:2020-00156
Уязвимость функции ath10k_usb_hif_tx_sg из drivers/net/wireless/ath/ath10k/usb.c ядра операционной системы Linux, связанная с неправильным освобождением памяти перед удалением последний ссылки, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8)
Links:
Published: Sept. 11, 2019
BDU:2020-00157
Уязвимость функции bnxt_re_create_srq() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 27, 2019
BDU:2020-00158
Уязвимость функции nfp_abm_u32_knode_replace() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 18, 2019
BDU:2020-00159
Уязвимость функции ca8210_probe() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 21, 2019
BDU:2020-00160
Уязвимость функции predicate_parse() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 19, 2019
BDU:2020-00167
Уязвимость функции fs/btrfs/volumes.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 4, 2019
BDU:2020-00195
Уязвимость драйвера дисплея (drivers/media/platform/vivid) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.0) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 5, 2019
BDU:2020-00233
Уязвимость SMB-клиента ядра операционной системы Linux, позволяющая нарушителю манипулировать файлами в каталоге клиента
Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Nov. 24, 2019
BDU:2020-00284
Уязвимость функции vcs_write (drivers/tty/vt/vc_screen.c) ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Aug. 21, 2019
BDU:2020-00285
Уязвимость драйвера drivers/media/usb/ttusb-dec/ttusb_dec.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: LOW (2.4) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Aug. 15, 2019
BDU:2020-00286
Уязвимость драйвера drivers/usb/class/cdc-acm.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 10, 2019
BDU:2020-00287
Уязвимость драйвера drivers/usb/misc/iowarrior.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 19, 2019
BDU:2020-00288
Уязвимость драйвера drivers/net/ieee802154/atusb.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 12, 2019
BDU:2020-00289
Уязвимость драйвера drivers/usb/core/file.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.2) Vector: AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 15, 2019
BDU:2020-00290
Уязвимость драйвера drivers/input/ff-memless.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 2, 2019
BDU:2020-00291
Уязвимость драйвера drivers/net/can/usb/peak_usb/pcan_usb_fd.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Oct. 4, 2019
BDU:2020-00292
Уязвимость драйвера drivers/usb/misc/adutux.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 4, 2019
BDU:2020-00293
Уязвимость драйвера drivers/net/can/usb/mcba_usb.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 19, 2019
BDU:2020-00294
Уязвимость функции serial_ir_init_module() (drivers/media/rc/serial_ir.c) ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на целостность, конфиденциальность и доступность защищаемой информации
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Aug. 6, 2019
BDU:2020-00295
Уязвимость драйвера drivers/hid/usbhid/hiddev.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 4, 2019
BDU:2020-00296
Уязвимость драйвера drivers/net/can/usb/peak_usb/pcan_usb_core.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: LOW (2.4) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Aug. 5, 2019
BDU:2020-00297
Уязвимость драйвера drivers/usb/misc/yurex.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии
Severity: MEDIUM (6.8) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Aug. 2, 2019
BDU:2020-00298
Уязвимость драйвера drivers/net/can/usb/peak_usb/pcan_usb_pro.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Oct. 7, 2019
BDU:2020-00299
Уязвимость драйвера drivers/nfc/pn533/usb.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 29, 2019
BDU:2020-00338
Уязвимость функции perf_trace_lock_acquire ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 29, 2019
BDU:2020-00347
Уязвимость функции debugfs_remove ядра операционной системы Linux, связанная с использованием области памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Links:
Published: Aug. 8, 2019
BDU:2020-00349
Уязвимость функции cpu.cfs_quota_us ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Dec. 9, 2019
BDU:2020-00350
Уязвимость компонента drivers/scsi/libsas/sas_discover.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Dec. 16, 2019
BDU:2020-00352
Уязвимость функции __btrfs_map_block ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Sept. 11, 2019
BDU:2020-00355
Уязвимость ядра операционных систем Linux, связанная с недостаточной проверкой вводимых данных и некорректной реализацией функций, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Dec. 7, 2019
BDU:2020-00356
Уязвимость ядра операционных систем Linux, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
Published: March 28, 2019
BDU:2020-00357
Уязвимость функции drop_sysctl_table() ядра операционных систем Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 1, 2019
BDU:2020-00358
Уязвимость функции __feat_register_sp() ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 12, 2019
BDU:2020-00360
Уязвимость реализации команды mwifiex_tm_cmd (drivers/net/wireless/marvell/mwifiex/cfg80211.c) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 21, 2019
BDU:2020-00361
Уязвимость функции i915_ppgtt_close (drivers/gpu/drm/i915/i915_gem_gtt.c) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 22, 2019
BDU:2020-00362
Уязвимость функции flow_dissector ядра операционных систем Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Severity: MEDIUM (5.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
Published: March 19, 2019
BDU:2020-00367
Уязвимость функции cpia2_exit() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 3, 2019
BDU:2020-00369
Уязвимость драйверов HID ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: MEDIUM (6.8) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 3, 2019
BDU:2020-00843
Уязвимость функции i_size_write () ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 23, 2019
BDU:2020-00844
Уязвимость функции L2CAP_PARSE_CONF_RSP ядра операционных систем Linux, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
Severity: MEDIUM (6.5) Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Jan. 23, 2019
BDU:2020-00845
Уязвимость функции L2CAP_GET_CONF_OPT ядра операционных систем Linux, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
Severity: MEDIUM (6.5) Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Sept. 20, 2019
BDU:2020-00849
Уязвимость функции fib6_rule_lookup() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 25, 2019
BDU:2020-00853
Уязвимость функции io_uring ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 2, 2019
BDU:2020-01063
Уязвимость функции sit_init_net() (net/ipv6/sit.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 28, 2019
BDU:2020-01074
Уязвимость функции fpregs_state_valid (arch/x86/include/asm/fpu/internal.h) ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 24, 2019
BDU:2020-01321
Уязвимость функции ax25_create из net/ax25/af_ax25.c модуля AF_AX25 ядра операционной системы Linux, связанная с настройками прав доступа по умолчанию, позволяющая нарушителю оказать воздействие на целостность данных
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
Published: Sept. 24, 2019
BDU:2020-01322
Уязвимость функции ieee802154_create из net/ieee802154/socket.c модуля AF_IEEE802154 ядра операционной системы Linux, связанная с настройками прав доступа по умолчанию, позволяющая нарушителю оказать воздействие на целостность данных
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
Published: Sept. 24, 2019
BDU:2020-01323
Уязвимость функции atalk_create из net/appletalk/ddp.c модуля AF_APPLETALK ядра операционной системы Linux, связанная с настройками прав доступа по умолчанию, позволяющая нарушителю оказать воздействие на целостность данных
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
Published: Sept. 24, 2019
BDU:2020-01324
Уязвимость функции base_sock_create из drivers/isdn/mISDN/socket.c модуля AF_ISDN ядра операционной системы Linux, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных
Severity: MEDIUM (4.0) Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Links:
Published: April 16, 2019
BDU:2020-01342
Уязвимость функции SMB2_negotiate (fs/cifs/smb2pdu.c) ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 22, 2019
BDU:2020-01344
Уязвимость компонента drivers/media/usb/dvb-usb/technisat-usb2.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 18, 2019
BDU:2020-01384
Уязвимость драйвера drivers/xen/balloon.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
Published: Sept. 4, 2019
BDU:2020-01463
Уязвимость функции SMB2_read ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 27, 2019
BDU:2020-01468
Уязвимость функций hci_uart_register_dev () и hci_uart_set_proto () ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (7.0) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 5, 2019
BDU:2020-01488
Уязвимость компонента arch/powerpc/kernel/process.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации
Severity: MEDIUM (4.4) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Links:
Published: Sept. 4, 2019
BDU:2020-01490
Уязвимость компонента arch/powerpc/kernel/process.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации
Severity: MEDIUM (4.4) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Links:
Published: Oct. 22, 2019
BDU:2020-01564
Уязвимость функции the__ipmi_bmc_register() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 29, 2019
BDU:2020-01602
Уязвимость функции _ctl_ioctl_main ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Nov. 28, 2019
BDU:2020-01796
Уязвимость функции lbs_ibss_join_existing (drivers/net/wireless/marvell/libertas/cfg.c) драйвера Marvell WiFi ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Aug. 23, 2019
BDU:2020-01862
Уязвимость функции в drivers/net/wireless/rsi/rsi_91x_usb.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Jan. 15, 2020
BDU:2020-02140
Уязвимость функции mptctl_ioctl (drivers/message/fusion/mptctl.c) ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: MEDIUM (6.4) Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Nov. 6, 2019
BDU:2020-02158
Уязвимость функции «mlx5_fw_fatal_reporter_dump()» в ядре операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 6, 2019
BDU:2020-02159
Уязвимость функции « i40e_setup_macvlans» в ядре операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 6, 2019
BDU:2020-02161
Уязвимость функции «crypto_reportstat()» в ядре операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 16, 2019
BDU:2020-02259
Уязвимость функции SMB2_write (fs/cifs/smb2pdu.c) ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: May 29, 2019
BDU:2020-02385
Уязвимость компонента drivers/scsi/libsas/sas_expander.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 4, 2020
BDU:2020-02427
Уязвимость функции pivot_root (fs/namespace.c) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 3, 2020
BDU:2020-02429
Уязвимость компонента drivers/spi/spi-dw.c ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 5, 2019
BDU:2020-02567
Уязвимость функции load_aout_binary() ядра операционной системы Linux, позволяющая нарушителю обойти механизм защиты ASLR
Severity: LOW (2.5) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: June 2, 2019
BDU:2020-02919
Уязвимость функции dlpar_parse_cc_property (arch/powerpc/platforms/pseries/dlpar.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.1) Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 27, 2019
BDU:2020-02920
Уязвимость функции nfc_llcp_build_tlv ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: June 13, 2019
BDU:2020-02921
Уязвимость функции __mdiobus_register ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 14, 2019
BDU:2020-02944
Уязвимость компонентов arch/powerpc/kernel/entry_64.S и arch/powerpc/kernel/security.c ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к информации
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
Published: March 19, 2019
BDU:2020-03025
Уязвимость функций rx_queue_add_kobject() и netdev_queue_add_kobject() (net/core/net-sysfs.c) ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на целостность данных
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Links:
Published: Dec. 9, 2019
BDU:2020-03026
Уязвимость функции prb_calc_retire_blk_tmo() (net/packet/af_packet.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 27, 2020
BDU:2020-03071
Уязвимость компонента drivers/tty/vt/keyboard.c ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 3, 2019
BDU:2020-03327
Уязвимость функции mwifiex_update_vs_ie() драйвера Wi-Fi Marvell ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 3, 2019
BDU:2020-03328
Уязвимость функции mwifiex_set_uap_rates() драйвера Wi-Fi Marvell ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 3, 2019
BDU:2020-03329
Уязвимость функции mwifiex_set_wmm_params() драйвера Wi-Fi Marvell ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Jan. 21, 2020
BDU:2020-03830
Уязвимость ядра операционной системы Linux, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.2) Vector: AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Aug. 21, 2020
BDU:2020-04348
Уязвимость функции cgroups ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 24, 2019
BDU:2020-05796
Уязвимость функции llcp_sock_create из net/nfc/llcp_sock.c модуля AF_NFC ядра операционной системы Linux, связанная с настройками прав доступа по умолчанию, позволяющая нарушителю оказать воздействие на целостность данных
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
Published: Dec. 4, 2019
BDU:2020-05893
Уязвимость запроса гипервизора KVM KVM_GET_EMULATED_CPUID ядра операционной системы Linux, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании
Severity: MEDIUM (6.1) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Links:
Published: May 27, 2020
BDU:2021-00258
Уязвимость функции w5864_handle_frame () ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.4) Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Dec. 11, 2020
BDU:2021-01920
Уязвимость реализации протокола MIDI ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: April 21, 2019
BDU:2021-02579
Уязвимость функции idle_book3s ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2019
BDU:2021-02590
Уязвимость драйвера drivers/firmware/efi/efi.c ядра операционной системы Linux, позволяющая нарушителю обойти ограничения безопасности
Severity: MEDIUM (6.7) Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Dec. 13, 2019
BDU:2021-03056
Уязвимость компонента drivers/input/input.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: MEDIUM (6.7) Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Links:
Published: May 28, 2020
BDU:2021-03057
Уязвимость функции fill_thread_core_info() ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию и вызвать отказ в обслуживании
Severity: MEDIUM (4.4) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Links:
Published: Sept. 10, 2019
BDU:2021-03082
Уязвимость функции do_hidp_sock_ioctl ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: May 30, 2019
BDU:2021-03187
Уязвимость реализации Generic receive offload (GRO) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 2, 2019
BDU:2021-03399
Уязвимость функции inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c ядра операционной системы Linux, связанная с недостатком механизма освобождения памяти, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 30, 2019
BDU:2021-03596
Уязвимость функции relay_open из kernel/relay.c ядра операционной системы Linux, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 26, 2021
BDU:2021-04865
Уязвимость ядра операционной системы Linux , связанная с чтением за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.4) Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 7, 2019
BDU:2021-06329
Уязвимость функции drm_load_edid_firmware (drivers/gpu/drm/drm_edid_load.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 14, 2019
BDU:2021-06411
Уязвимость компонента sound/usb/mixer.c ядра операционной системы Linux, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: June 7, 2021
BDU:2022-03138
Уязвимость подсистемы XFRM ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 2, 2022
BDU:2022-03144
Уязвимость функции route4_change() (net/sched/cls_route.c) ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 24, 2019
BDU:2022-05889
Уязвимость функции timerqueue_add компонента lib/timerqueue.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.4) Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 9, 2023
BDU:2023-00161
Уязвимость функции nvkm_vmm_pfn_map() драйвера GPU Nouveau ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии
Severity: MEDIUM (4.1) Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 24, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2010-5321
Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf.
Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=620629
- https://bugzilla.kernel.org/show_bug.cgi?id=120571
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827340
- [oss-security] 20150208 Re: kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap() - Linux kernel
- http://linuxtv.org/irc/v4l/index.php?date=2010-07-29
Published: May 9, 2016
Modified: July 31, 2020
Modified: July 31, 2020
CVE-2015-0569
Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: May 9, 2016
Modified: July 31, 2020
Modified: July 31, 2020
CVE-2015-0570
Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: May 9, 2016
Modified: July 31, 2020
Modified: July 31, 2020
CVE-2015-0571
The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: March 3, 2017
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2015-2877
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basically if you care about this attack vector, disable deduplication." Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Nov. 16, 2015
Modified: Aug. 7, 2020
Modified: Aug. 7, 2020
CVE-2015-7312
Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c.
Severity: MEDIUM (4.4)
Links:
Published: May 2, 2016
Modified: April 18, 2022
Modified: April 18, 2022
CVE-2016-2853
The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
- [oss-security] 20160224 Aufs Union Filesystem Privilege Escalation In User Namespaces
- [aufs] 20160219 aufs3 and aufs4 GIT release
- 96839
- [oss-security] 20211018 Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up
Published: May 2, 2016
Modified: Aug. 7, 2020
Modified: Aug. 7, 2020
CVE-2016-2854
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 30, 2019
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2018-16871
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 21, 2019
Modified: April 11, 2023
Modified: April 11, 2023
CVE-2018-20669
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://access.redhat.com/security/cve/cve-2018-20669
- 106748
- [oss-security] 20190123 Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)
- [opensuse-security-announce] 20190218 [security-announce] openSUSE-SU-2019:0203-1: important: Security update for the Linux Kernel
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c
- https://security.netapp.com/advisory/ntap-20190404-0002/
- https://support.f5.com/csp/article/K32059550
- USN-4485-1
Published: July 26, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-20854
An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://github.com/torvalds/linux/commit/6acb47d1a318e5b3b7115354ebc4ea060c59d3a1
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6acb47d1a318e5b3b7115354ebc4ea060c59d3a1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- https://support.f5.com/csp/article/K32450233
- https://support.f5.com/csp/article/K32450233?utm_source=f5support&%3Butm_medium=RSS
Published: Nov. 14, 2019
Modified: Feb. 24, 2023
Modified: Feb. 24, 2023
CVE-2019-0145
Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Nov. 27, 2019
Modified: Nov. 3, 2022
Modified: Nov. 3, 2022
CVE-2019-10220
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: July 6, 2019
Modified: June 14, 2021
Modified: June 14, 2021
CVE-2019-10638
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.
Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.7
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8
- https://github.com/torvalds/linux/commit/55f0fc7a02de8f12757f4937143d8d5091b2e40b
- https://arxiv.org/pdf/1906.10478.pdf
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=355b98553789b646ed97ad801a619ff898471b92
- https://github.com/torvalds/linux/commit/df453700e8d81b1bdafdf684365ee2b9431fb702
- https://github.com/torvalds/linux/commit/355b98553789b646ed97ad801a619ff898471b92
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df453700e8d81b1bdafdf684365ee2b9431fb702
- 109092
- openSUSE-SU-2019:1716
- openSUSE-SU-2019:1757
- https://security.netapp.com/advisory/ntap-20190806-0001/
- DSA-4495
- 20190812 [SECURITY] [DSA 4495-1] linux security update
- DSA-4497
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1884-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- USN-4114-1
- USN-4117-1
- USN-4116-1
- USN-4115-1
- USN-4118-1
- RHSA-2019:3309
- RHSA-2019:3517
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
Published: July 6, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-10639
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8
- https://arxiv.org/pdf/1906.10478.pdf
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=355b98553789b646ed97ad801a619ff898471b92
- https://github.com/torvalds/linux/commit/355b98553789b646ed97ad801a619ff898471b92
- openSUSE-SU-2019:1716
- openSUSE-SU-2019:1757
- [debian-lts-announce] 20190723 [SECURITY] [DLA 1862-1] linux security update
- https://security.netapp.com/advisory/ntap-20190806-0001/
- DSA-4497
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- https://support.f5.com/csp/article/K32804955
- USN-4115-1
- USN-4118-1
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://support.f5.com/csp/article/K32804955?utm_source=f5support&%3Butm_medium=RSS
Published: April 12, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-11191
The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat. NOTE: the software maintainer disputes that this is a vulnerability because ASLR for a.out format executables has never been supported
Severity: LOW (2.5) Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
- https://www.openwall.com/lists/oss-security/2019/04/03/4/1
- https://www.openwall.com/lists/oss-security/2019/04/03/4
- 107887
- [oss-security] 20190418 Re: Linux kernel < 4.8 local generic ASLR - another CVE-ID
- [oss-security] 20190522 Re: Linux kernel < 4.8 local generic ASLR - another CVE-ID
- USN-4008-1
- USN-4007-2
- USN-4007-1
- USN-4006-2
- USN-4006-1
- USN-4008-3
- openSUSE-SU-2019:1570
Published: April 24, 2019
Modified: Oct. 5, 2023
Modified: Oct. 5, 2023
CVE-2019-11486
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112
- [oss-security] 20190429 Linux kernel: multiple issues
- openSUSE-SU-2019:1404
- https://security.netapp.com/advisory/ntap-20190517-0005/
- openSUSE-SU-2019:1407
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update
- openSUSE-SU-2019:1479
- https://support.f5.com/csp/article/K50222414
- DSA-4465
- [debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update
- 20190618 [SECURITY] [DSA 4465-1] linux security update
Published: April 29, 2019
Modified: Feb. 15, 2024
Modified: Feb. 15, 2024
CVE-2019-11599
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.
Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://github.com/torvalds/linux/commit/04f5866e41fb70690e28397487d8bd8eea7d712a
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04f5866e41fb70690e28397487d8bd8eea7d712a
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1790
- [oss-security] 20190429 Re: Linux kernel: multiple issues
- [oss-security] 20190429 Linux kernel: multiple issues
- http://packetstormsecurity.com/files/152663/Linux-Missing-Lockdown.html
- [oss-security] 20190430 Re: Linux kernel: multiple issues
- 46781
- 108113
- https://security.netapp.com/advisory/ntap-20190517-0002/
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update
- DSA-4465
- [debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update
- 20190618 [SECURITY] [DSA 4465-1] linux security update
- https://support.f5.com/csp/article/K51674118
- openSUSE-SU-2019:1716
- openSUSE-SU-2019:1757
- 20190722 [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)
- USN-4069-1
- http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4069-2
- RHSA-2019:2043
- RHSA-2019:2029
- USN-4095-1
- USN-4115-1
- USN-4118-1
- RHSA-2019:3309
- RHSA-2019:3517
- RHSA-2020:0100
- RHSA-2020:0103
- RHSA-2020:0179
- RHSA-2020:0543
- https://security.netapp.com/advisory/ntap-20200608-0001/
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://support.f5.com/csp/article/K51674118?utm_source=f5support&%3Butm_medium=RSS
Published: May 7, 2019
Modified: Aug. 11, 2023
Modified: Aug. 11, 2023
CVE-2019-11811
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://github.com/torvalds/linux/commit/401e7e88d4ef80188ffa07095ac00456f901b8c4
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=401e7e88d4ef80188ffa07095ac00456f901b8c4
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.4
- openSUSE-SU-2019:1479
- https://support.f5.com/csp/article/K01512680
- https://security.netapp.com/advisory/ntap-20190719-0003/
- 108410
- RHSA-2019:1873
- RHSA-2019:1891
- RHSA-2019:1959
- RHSA-2019:1971
- RHSA-2019:4058
- RHSA-2019:4057
- RHSA-2020:0036
Published: May 15, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-11833
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
- https://github.com/torvalds/linux/commit/592acbf16821288ecdc4192c47e3774a4c48bb64
- 108372
- openSUSE-SU-2019:1479
- DSA-4465
- [debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update
- [debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update
- openSUSE-SU-2019:1570
- 20190618 [SECURITY] [DSA 4465-1] linux security update
- openSUSE-SU-2019:1579
- USN-4068-1
- USN-4068-2
- USN-4069-1
- USN-4076-1
- USN-4069-2
- RHSA-2019:2043
- RHSA-2019:2029
- USN-4095-2
- USN-4118-1
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- RHSA-2019:3517
- RHSA-2019:3309
- FEDORA-2019-48b34fc991
Published: May 11, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-11884
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
- https://github.com/torvalds/linux/commit/a1616a5ac99ede5d605047a9012481ce7ff18b16
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1616a5ac99ede5d605047a9012481ce7ff18b16
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.15
- 108299
- openSUSE-SU-2019:1404
- openSUSE-SU-2019:1407
- openSUSE-SU-2019:1479
- DSA-4465
- [debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update
- [debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update
- 20190618 [SECURITY] [DSA 4465-1] linux security update
- USN-4068-1
- USN-4068-2
- USN-4069-1
- USN-4076-1
- USN-4069-2
- USN-4118-1
- RHSA-2019:3517
- RHSA-2019:3309
- RHSA-2020:0740
- FEDORA-2019-640f8d8dd1
- FEDORA-2019-e6bf55e821
- FEDORA-2019-c36afa818c
Published: May 28, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-12378
An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 28, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-12379
An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next&id=84ecc2f6eb1cb12e6d44818f94fa49b50f06e6ac
- 108478
- https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing&id=15b3cd8ef46ad1b100e0d3c7e38774f330726820
- https://security.netapp.com/advisory/ntap-20190710-0002/
- FEDORA-2019-7ec378191e
- FEDORA-2019-f40bd7826f
Published: May 28, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-12380
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because “All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=4e78921ba4dd0aca1cc89168f45039add4183f8e
- 108477
- openSUSE-SU-2019:1570
- openSUSE-SU-2019:1571
- openSUSE-SU-2019:1579
- https://security.netapp.com/advisory/ntap-20190710-0002/
- USN-4427-1
- USN-4414-1
- USN-4439-1
- FEDORA-2019-7ec378191e
- FEDORA-2019-f40bd7826f
Published: May 28, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-12381
An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 28, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-12382
An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://lkml.org/lkml/2019/5/24/843
- https://cgit.freedesktop.org/drm/drm-misc/commit/?id=9f1f1a2dab38d4ce87a13565cf4dc1b73bef3a5f
- 108474
- openSUSE-SU-2019:1570
- openSUSE-SU-2019:1571
- openSUSE-SU-2019:1579
- https://salsa.debian.org/kernel-team/kernel-sec/blob/master/retired/CVE-2019-12382
- FEDORA-2019-7ec378191e
- FEDORA-2019-f40bd7826f
- https://lore.kernel.org/lkml/87o93u7d3s.fsf%40intel.com/
Published: May 30, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-12454
An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn't NUL-terminated, which is not the case
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://lkml.org/lkml/2019/5/29/705
- https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git/commit/?h=for-5.3&id=a54988113985ca22e414e132054f234fc8a92604
- https://bugzilla.suse.com/show_bug.cgi?id=1136963#c1
- https://support.f5.com/csp/article/K13523672
- FEDORA-2019-f40bd7826f
- https://support.f5.com/csp/article/K13523672?utm_source=f5support&%3Butm_medium=RSS
Published: May 30, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-12455
An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because “The memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to control it, and no denial of service.”
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 30, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-12456
An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a "double fetch" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://lkml.org/lkml/2019/5/29/1164
- https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=5.3/scsi-queue&id=86e5aca7fa2927060839f3e3b40c8bd65a7e8d1e
- openSUSE-SU-2019:1570
- openSUSE-SU-2019:1571
- openSUSE-SU-2019:1579
- https://bugzilla.redhat.com/show_bug.cgi?id=1717182
- https://support.f5.com/csp/article/K84310302
- FEDORA-2019-c03eda3cc6
- FEDORA-2019-83858fc57b
- https://support.f5.com/csp/article/K84310302?utm_source=f5support&%3Butm_medium=RSS
Published: June 4, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-12614
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
Severity: MEDIUM (4.1) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- https://lkml.org/lkml/2019/6/3/526
- https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=efa9ace68e487ddd29c2b4d6dd23242158f1f607
- 108550
- https://security.netapp.com/advisory/ntap-20190710-0002/
- openSUSE-SU-2019:1716
- openSUSE-SU-2019:1757
- USN-4094-1
- USN-4095-2
- USN-4095-1
- USN-4093-1
- http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html
- https://support.f5.com/csp/article/K54337315
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- FEDORA-2019-c03eda3cc6
- FEDORA-2019-83858fc57b
- https://support.f5.com/csp/article/K54337315?utm_source=f5support&%3Butm_medium=RSS
Published: June 25, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-12817
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.
Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.15
- USN-4031-1
- [oss-security] 20190625 CVE-2019-12817: Linux kernel: powerpc: Unrelated processes may be able to read/write to each other's virtual memory
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ca72d88378b2f2444d3ec145dd442d449d3fefbc
- 108884
- openSUSE-SU-2019:1757
- DSA-4495
- 20190812 [SECURITY] [DSA 4495-1] linux security update
- https://support.f5.com/csp/article/K12876166
- RHSA-2019:2703
- FEDORA-2019-6817686c4d
- FEDORA-2019-69c132b061
- https://support.f5.com/csp/article/K12876166?utm_source=f5support&%3Butm_medium=RSS
Published: June 14, 2019
Modified: June 18, 2019
Modified: June 18, 2019
CVE-2019-12818
An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.15
- https://github.com/torvalds/linux/commit/58bdd544e2933a21a51eecf17c3f5f94038261b5
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=58bdd544e2933a21a51eecf17c3f5f94038261b5
- 108776
- openSUSE-SU-2019:1570
- openSUSE-SU-2019:1571
- openSUSE-SU-2019:1579
- https://support.f5.com/csp/article/K91444306
- https://security.netapp.com/advisory/ntap-20190710-0002/
- USN-4094-1
- http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html
- USN-4118-1
Published: June 14, 2019
Modified: June 18, 2019
Modified: June 18, 2019
CVE-2019-12819
An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/6ff7b060535e87c2ae14dd8548512abfdda528fb
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ff7b060535e87c2ae14dd8548512abfdda528fb
- 108768
- openSUSE-SU-2019:1570
- openSUSE-SU-2019:1571
- openSUSE-SU-2019:1579
- https://security.netapp.com/advisory/ntap-20190710-0002/
- USN-4094-1
- http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html
- USN-4118-1
Published: June 26, 2019
Modified: Aug. 6, 2019
Modified: Aug. 6, 2019
CVE-2019-12984
A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/385097a3675749cbc9e97c085c0e5dfe4269ca51
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.13
- 108905
- https://security.netapp.com/advisory/ntap-20190806-0001/
- DSA-4495
- 20190812 [SECURITY] [DSA 4495-1] linux security update
- USN-4094-1
- USN-4093-1
- http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html
- USN-4117-1
- USN-4118-1
Published: July 4, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-13233
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
Severity: HIGH (7.0) Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1879
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.9
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de9f869616dd95e95c00bdd6b0fcd3421e8a4323
- https://github.com/torvalds/linux/commit/de9f869616dd95e95c00bdd6b0fcd3421e8a4323
- openSUSE-SU-2019:1757
- https://security.netapp.com/advisory/ntap-20190806-0001/
- DSA-4495
- 20190812 [SECURITY] [DSA 4495-1] linux security update
- USN-4094-1
- USN-4093-1
- USN-4117-1
- USN-4118-1
- http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html
- RHSA-2019:3517
- RHSA-2019:3309
- https://support.f5.com/csp/article/K13331647?utm_source=f5support&%3Butm_medium=RSS
Published: July 17, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-13631
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
Severity: MEDIUM (6.8) Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://patchwork.kernel.org/patch/11040813/
- 109291
- https://security.netapp.com/advisory/ntap-20190806-0001/
- DSA-4495
- 20190812 [SECURITY] [DSA 4495-1] linux security update
- DSA-4497
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1884-1] linux security update
- 20190814 [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- openSUSE-SU-2019:1923
- openSUSE-SU-2019:1924
- USN-4115-1
- USN-4118-1
- USN-4145-1
- USN-4147-1
- FEDORA-2019-9d3fe6fd5b
- FEDORA-2019-3dbfaeac73
Published: July 19, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-13648
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://patchwork.ozlabs.org/patch/1133904/
- [oss-security] 20190730 CVE-2019-13648: Linux kernel: powerpc: kernel crash in TM handling triggerable by any local user
- https://git.kernel.org/torvalds/c/f16d80b75a096c52354c6e0a574993f3b0dfbdfe
- https://security.netapp.com/advisory/ntap-20190806-0001/
- DSA-4495
- 20190812 [SECURITY] [DSA 4495-1] linux security update
- DSA-4497
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- 20190814 [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- openSUSE-SU-2019:1923
- openSUSE-SU-2019:1924
- USN-4114-1
- USN-4116-1
- USN-4115-1
- FEDORA-2019-7aecfe1c4b
Published: July 26, 2019
Modified: Aug. 12, 2019
Modified: Aug. 12, 2019
CVE-2019-14283
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.
Severity: MEDIUM (6.8) Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
- https://github.com/torvalds/linux/commit/da99466ac243f15fbba65bd261bfc75ffa1532b6
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=da99466ac243f15fbba65bd261bfc75ffa1532b6
- DSA-4495
- 20190812 [SECURITY] [DSA 4495-1] linux security update
- DSA-4497
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1884-1] linux security update
- 20190814 [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- openSUSE-SU-2019:1923
- openSUSE-SU-2019:1924
- USN-4114-1
- USN-4117-1
- USN-4116-1
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
Published: July 26, 2019
Modified: Aug. 12, 2019
Modified: Aug. 12, 2019
CVE-2019-14284
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.
Severity: MEDIUM (6.2) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3554aeb991214cbfafd17d55e2bfddb50282e32
- https://github.com/torvalds/linux/commit/f3554aeb991214cbfafd17d55e2bfddb50282e32
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
- DSA-4495
- 20190812 [SECURITY] [DSA 4495-1] linux security update
- DSA-4497
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1884-1] linux security update
- 20190814 [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- openSUSE-SU-2019:1923
- openSUSE-SU-2019:1924
- USN-4114-1
- USN-4117-1
- USN-4116-1
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
Published: Sept. 20, 2019
Modified: Sept. 28, 2023
Modified: Sept. 28, 2023
CVE-2019-14814
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814
- https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a
- https://access.redhat.com/security/cve/cve-2019-14814
- https://www.openwall.com/lists/oss-security/2019/08/28/1
- [oss-security] 20190828 Linux kernel: three heap overflow in the marvell wifi driver
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- https://security.netapp.com/advisory/ntap-20191031-0005/
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- RHSA-2020:0174
- RHSA-2020:0328
- RHSA-2020:0339
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/
Published: Nov. 25, 2019
Modified: July 13, 2023
Modified: July 13, 2023
CVE-2019-14815
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815
- https://www.openwall.com/lists/oss-security/2019/08/28/1
- https://security.netapp.com/advisory/ntap-20200103-0001/
- https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a
- https://access.redhat.com/security/cve/cve-2019-14815
- RHSA-2020:0174
- RHSA-2020:0328
- RHSA-2020:0339
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com
Published: Sept. 20, 2019
Modified: July 12, 2023
Modified: July 12, 2023
CVE-2019-14816
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://www.openwall.com/lists/oss-security/2019/08/28/1
- https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3
- [oss-security] 20190828 Linux kernel: three heap overflow in the marvell wifi driver
- https://access.redhat.com/security/cve/cve-2019-14816
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- https://security.netapp.com/advisory/ntap-20191031-0005/
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- RHSA-2020:0174
- RHSA-2020:0204
- RHSA-2020:0328
- RHSA-2020:0339
- RHSA-2020:0375
- RHSA-2020:0374
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- RHSA-2020:0653
- RHSA-2020:0661
- RHSA-2020:0664
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/
Published: Sept. 19, 2019
Modified: Feb. 16, 2024
Modified: Feb. 16, 2024
CVE-2019-14821
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14821
- [oss-security] 20190920 CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer
- DSA-4531
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- https://security.netapp.com/advisory/ntap-20191004-0001/
- openSUSE-SU-2019:2307
- openSUSE-SU-2019:2308
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- RHSA-2019:3517
- RHSA-2019:3309
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- RHSA-2019:3978
- RHSA-2019:3979
- RHSA-2019:4154
- RHSA-2019:4256
- RHSA-2020:0027
- RHSA-2020:0204
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZQQQANZWQMPILZV7OTS3RGGRLLE2Q7/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/
Published: Sept. 17, 2019
Modified: Dec. 15, 2023
Modified: Dec. 15, 2023
CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
- https://www.openwall.com/lists/oss-security/2019/09/17/1
- USN-4135-2
- RHSA-2019:2828
- RHSA-2019:2827
- RHSA-2019:2830
- RHSA-2019:2829
- RHSA-2019:2854
- RHSA-2019:2863
- RHSA-2019:2862
- RHSA-2019:2865
- RHSA-2019:2864
- RHSA-2019:2866
- RHSA-2019:2867
- RHSA-2019:2869
- http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html
- [oss-security] 20190924 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- RHSA-2019:2889
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- DSA-4531
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- RHSA-2019:2900
- RHSA-2019:2901
- RHSA-2019:2899
- RHSA-2019:2924
- USN-4135-1
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- [oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- RHBA-2019:2824
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- https://security.netapp.com/advisory/ntap-20191031-0005/
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/
Published: Nov. 29, 2019
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2019-14895
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://www.openwall.com/lists/oss-security/2019/11/22/2
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14895
- openSUSE-SU-2019:2675
- USN-4228-1
- USN-4227-1
- USN-4225-1
- USN-4228-2
- USN-4226-1
- USN-4227-2
- http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4225-2
- http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- RHSA-2020:0328
- RHSA-2020:0339
- RHSA-2020:0375
- RHSA-2020:0374
- RHSA-2020:0543
- RHSA-2020:0592
- RHSA-2020:0609
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- RHSA-2020:0653
- RHSA-2020:0661
- RHSA-2020:0664
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN6MLCN7G7VFTSXSZYXKXEFCUMFBUAXQ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ/
Published: Nov. 27, 2019
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2019-14896
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14896
- https://security.netapp.com/advisory/ntap-20200103-0001/
- USN-4228-1
- USN-4227-1
- USN-4225-1
- USN-4228-2
- USN-4226-1
- USN-4227-2
- http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4225-2
- http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- openSUSE-SU-2020:0336
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN6MLCN7G7VFTSXSZYXKXEFCUMFBUAXQ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ/
Published: Nov. 29, 2019
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2019-14897
A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14897
- USN-4228-1
- USN-4225-1
- USN-4228-2
- USN-4226-1
- USN-4227-1
- USN-4227-2
- http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4225-2
- http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- openSUSE-SU-2020:0336
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN6MLCN7G7VFTSXSZYXKXEFCUMFBUAXQ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ/
Published: Nov. 29, 2019
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2019-14901
A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14901
- openSUSE-SU-2019:2675
- USN-4228-1
- USN-4227-1
- USN-4225-1
- USN-4228-2
- USN-4226-1
- USN-4227-2
- http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4225-2
- RHSA-2020:0204
- http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- RHSA-2020:0328
- RHSA-2020:0339
- RHSA-2020:0375
- RHSA-2020:0374
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN6MLCN7G7VFTSXSZYXKXEFCUMFBUAXQ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ/
Published: Sept. 13, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-15030
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8205d5d98ef7f155de211f5e2eb6ca03d95a5a60
- http://www.openwall.com/lists/oss-security/2019/09/10/3
- USN-4135-2
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- USN-4135-1
- https://security.netapp.com/advisory/ntap-20191004-0001/
- RHSA-2020:0740
Published: Sept. 13, 2019
Modified: July 21, 2021
Modified: July 21, 2021
CVE-2019-15031
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Links:
Published: Aug. 16, 2019
Modified: May 5, 2020
Modified: May 5, 2020
CVE-2019-15090
An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.
Severity: MEDIUM (6.7) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.12
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c09581a52765a85f19fc35340127396d5e3379cc
- https://github.com/torvalds/linux/commit/c09581a52765a85f19fc35340127396d5e3379cc
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- USN-4147-1
Published: Aug. 16, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-15098
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [oss-security] 20190927 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190927 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190927 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- https://support.f5.com/csp/article/K61214359
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4185-1
- USN-4184-1
- USN-4186-1
- USN-4186-2
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://lore.kernel.org/linux-wireless/20190804002905.11292-1-benquike%40gmail.com/T/#u
- https://support.f5.com/csp/article/K61214359?utm_source=f5support&%3Butm_medium=RSS
Published: Aug. 16, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-15099
drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2181
- https://support.f5.com/csp/article/K76295179
- USN-4258-1
- USN-4287-1
- USN-4287-2
- USN-4284-1
- https://lore.kernel.org/linux-wireless/20190804003101.11541-1-benquike%40gmail.com/T/#u
- https://support.f5.com/csp/article/K76295179?utm_source=f5support&%3Butm_medium=RSS
Published: Aug. 16, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-15117
parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git/commit/?id=daac07156b330b18eb5071aec4b3ddca1c377f2c
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- DSA-4531
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- USN-4147-1
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://lore.kernel.org/lkml/20190814023625.21683-1-benquike%40gmail.com/
- https://support.f5.com/csp/article/K16449953?utm_source=f5support&%3Butm_medium=RSS
Published: Aug. 16, 2019
Modified: Feb. 3, 2024
Modified: Feb. 3, 2024
CVE-2019-15118
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git/commit/?id=19bce474c45be69a284ecee660aa12d8f1e88f18
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- DSA-4531
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- USN-4147-1
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://lore.kernel.org/lkml/20190815043554.16623-1-benquike%40gmail.com/
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15211
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.6
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c666355e60ddb4748ead3bdd983e3f7f2224aaf0
- https://syzkaller.appspot.com/bug?id=775f90f43cfd6f8ac6c15251ce68e604453da226
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4145-1
- USN-4147-1
- openSUSE-SU-2019:2675
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15212
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.8
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3864d33943b4a76c6e64616280e98d2410b1190f
- https://syzkaller.appspot.com/bug?id=64aa96c96f594a77eb8d945df21ec76dd35573b3
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4147-1
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15213
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7
- https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2675
Published: Aug. 20, 2019
Modified: March 6, 2020
Modified: March 6, 2020
CVE-2019-15214
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
Severity: MEDIUM (6.4) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2a3f7221acddfe1caa9ff09b3a8158c39b2fdeac
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c2f870890fd28e023b0fcf49dcee333f2c8bad7
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10
- https://syzkaller.appspot.com/bug?id=75903e0021cef79bc434d068b5169b599b2a46a9
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15215
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.6
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eff73de2b1600ad8230692f00bc0ab49b166512a
- https://syzkaller.appspot.com/bug?id=b68d3c254cf294f8a802582094fa3251d6de5247
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4145-1
- USN-4147-1
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15216
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.14
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef61eb43ada6c1d6b94668f0f514e4c268093ff3
- https://syzkaller.appspot.com/bug?id=f0b1f2952022c75394c0eef2afeb17af90f9227e
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15217
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://syzkaller.appspot.com/bug?id=9c0c178c24d828a7378f483309001329750aad64
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d2e73a5f80a5b5aff3caf1ec6d39b5b3f54b26e
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- USN-4147-1
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4286-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4286-1
- USN-4302-1
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15218
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.8
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=31e0456de5be379b10fea0fa94a681057114a96e
- https://syzkaller.appspot.com/bug?id=4a5d7c8c2b6dbedb5b7218c6d7e8666bd2387517
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4147-1
- https://www.oracle.com/security-alerts/cpuApr2021.html
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15219
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.8
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9a5729f68d3a82786aea110b1bfe610be318f80a
- https://syzkaller.appspot.com/bug?id=aaf6794922521df1c35c81e32cb2d0bb6a351e7b
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- https://security.netapp.com/advisory/ntap-20190905-0002/
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15220
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://syzkaller.appspot.com/bug?id=082c09653e43e33a6a56f8c57cf051eeacae9d5f
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6e41e2257f1094acc37618bf6c856115374c6922
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4147-1
- USN-4286-2
- USN-4286-1
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15221
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17
- https://syzkaller.appspot.com/bug?id=240f09164db2c3d3af33a117c713dc7650dc29d6
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3450121997ce872eb7f1248417225827ea249710
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- USN-4115-1
- USN-4118-1
- https://security.netapp.com/advisory/ntap-20190905-0002/
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4147-1
- USN-4286-2
- USN-4286-1
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15222
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.8
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d78e1c2b7f4be00bbe62141603a631dc7812f35
- https://syzkaller.appspot.com/bug?id=3ec1dad62657fef22282536d7532dbb65eee778a
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
Published: Aug. 20, 2019
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-15223
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.8
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b074ab7fc0d575247b9cc9f93bb7e007ca38840
- https://syzkaller.appspot.com/bug?id=0c1e517c657d3de2361cb0cc2d3a8663c25039a7
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- https://security.netapp.com/advisory/ntap-20190905-0002/
- USN-4147-1
Published: Aug. 20, 2019
Modified: Sept. 6, 2019
Modified: Sept. 6, 2019
CVE-2019-15291
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
Severity: MEDIUM (4.6) Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://syzkaller.appspot.com/bug?id=c0203bd72037d07493f4b7562411e4f5f4553a8f
- [oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2
- [oss-security] 20190821 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
- https://security.netapp.com/advisory/ntap-20190905-0002/
- openSUSE-SU-2019:2307
- openSUSE-SU-2019:2308
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4254-1
- USN-4254-2
- USN-4258-1
- USN-4287-1
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4284-1
Published: Aug. 23, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-15504
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://security.netapp.com/advisory/ntap-20190905-0002/
- https://support.f5.com/csp/article/K33554143
- USN-4157-1
- USN-4157-2
- https://lore.kernel.org/lkml/20190819220230.10597-1-benquike%40gmail.com/
- FEDORA-2019-4c91a2f76e
- FEDORA-2019-97380355ae
- https://support.f5.com/csp/article/K33554143?utm_source=f5support&%3Butm_medium=RSS
Published: Aug. 23, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-15505
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.linuxtv.org/media_tree.git/commit/?id=0c4df39e504bf925ab666132ac3c98d6cbbe380b
- https://security.netapp.com/advisory/ntap-20190905-0002/
- https://support.f5.com/csp/article/K28222050
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://lore.kernel.org/lkml/b9b256cb-95f2-5fa1-9956-5a602a017c11%40gmail.com/
- https://lore.kernel.org/linux-media/20190821104408.w7krumcglxo6fz5q%40gofer.mess.org/
- FEDORA-2019-4c91a2f76e
- FEDORA-2019-97380355ae
- https://support.f5.com/csp/article/K28222050?utm_source=f5support&%3Butm_medium=RSS
Published: Aug. 27, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-15666
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b805d78d300bcf2c83d6df7da0c818b0fee41427
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://support.f5.com/csp/article/K53420251?utm_source=f5support&%3Butm_medium=RSS
Published: Aug. 29, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-15807
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.13
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0541791453fbe7f42867e310e0c9eb6295364d
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://support.f5.com/csp/article/K52136304?utm_source=f5support&%3Butm_medium=RSS
Published: Sept. 4, 2019
Modified: Aug. 11, 2023
Modified: Aug. 11, 2023
CVE-2019-15917
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://github.com/torvalds/linux/commit/56897b217a1d0a91c9920cb418d6b3fe922f590a
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.5
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- https://security.netapp.com/advisory/ntap-20191004-0001/
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
Published: Sept. 4, 2019
Modified: Jan. 18, 2023
Modified: Jan. 18, 2023
CVE-2019-15918
An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 4, 2019
Modified: Dec. 12, 2019
Modified: Dec. 12, 2019
CVE-2019-15919
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Sept. 4, 2019
Modified: Dec. 11, 2019
Modified: Dec. 11, 2019
CVE-2019-15920
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.
Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Sept. 4, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-15921
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 4, 2019
Modified: Oct. 4, 2019
Modified: Oct. 4, 2019
CVE-2019-15922
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 4, 2019
Modified: Oct. 4, 2019
Modified: Oct. 4, 2019
CVE-2019-15923
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 4, 2019
Modified: Sept. 14, 2019
Modified: Sept. 14, 2019
CVE-2019-15924
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/01ca667133d019edc9f0a1f70a272447c84ec41f
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.11
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- https://security.netapp.com/advisory/ntap-20191004-0001/
Published: Sept. 7, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-16089
An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
Severity: MEDIUM (4.1) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 19, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-16413
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5e3cc1ee1405a7eb3487ed24f786dec01b4cbe1f
- https://patchwork.kernel.org/patch/10753365/
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.4
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://support.f5.com/csp/article/K43239141?utm_source=f5support&%3Butm_medium=RSS
Published: Sept. 23, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-16714
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.14
- https://github.com/torvalds/linux/commit/7d0a06586b2686ba80c4a2da5f91cb10ffbea736
- [oss-security] 20190924 CVE-2019-16714: info leak in RDS rds6_inc_info_copy
- [oss-security] 20190925 CVE-2019-16714: Linux kernel net/rds: info leak vulnerability in rds6_inc_info_copy
- USN-4157-1
- USN-4157-2
- https://security.netapp.com/advisory/ntap-20191031-0005/
- https://support.f5.com/csp/article/K48351130?utm_source=f5support&%3Butm_medium=RSS
Published: Sept. 24, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-16746
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://marc.info/?l=linux-wireless&m=156901391225058&w=2
- https://security.netapp.com/advisory/ntap-20191031-0005/
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4186-1
- USN-4183-1
- USN-4210-1
- USN-4209-1
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- openSUSE-SU-2020:0336
- openSUSE-SU-2020:1153
- https://www.oracle.com/security-alerts/cpuApr2021.html
- FEDORA-2019-057d691fd4
Published: Sept. 30, 2019
Modified: July 21, 2021
Modified: July 21, 2021
CVE-2019-16994
In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 1, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-17052
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0614e2b73768b502fc32a75349823356d98aae2c
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4184-1
- USN-4185-1
- USN-4186-1
- USN-4185-2
- USN-4186-2
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=2c675dab816278a1724c1e93b384c2f05a11cb31
- FEDORA-2019-41e28660ae
Published: Oct. 1, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-17053
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e69dbd4619e7674c1679cba49afd9dd9ac347eef
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4184-1
- USN-4185-1
- USN-4186-1
- USN-4185-2
- USN-4186-2
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- FEDORA-2019-41e28660ae
Published: Oct. 1, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-17054
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cc03e8aa36c51f3b26a0d21a3c4ce2809c842ac
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4184-1
- USN-4185-1
- USN-4186-1
- USN-4185-2
- USN-4186-2
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- FEDORA-2019-41e28660ae
Published: Oct. 1, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-17055
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b91ee4aa2a2199ba4d4650706c272985a5a32d80
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4184-1
- USN-4185-1
- USN-4186-1
- openSUSE-SU-2019:2503
- openSUSE-SU-2019:2507
- USN-4185-2
- USN-4186-2
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- RHSA-2020:0790
- FEDORA-2019-41e28660ae
Published: Oct. 1, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-17056
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3a359798b176183ef09efb7a3dc59abad1cc7104
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b
- openSUSE-SU-2019:2392
- openSUSE-SU-2019:2444
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4184-1
- USN-4185-1
- USN-4186-1
- USN-4185-2
- USN-4186-2
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- FEDORA-2019-41e28660ae
Published: Oct. 2, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-17075
An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4208-1
- USN-4210-1
- USN-4211-2
- USN-4211-1
- USN-4226-1
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://lore.kernel.org/lkml/20191001165611.GA3542072%40kroah.com
Published: Oct. 4, 2019
Modified: Nov. 3, 2022
Modified: Nov. 3, 2022
CVE-2019-17133
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://marc.info/?l=linux-wireless&m=157018270915487&w=2
- openSUSE-SU-2019:2392
- https://security.netapp.com/advisory/ntap-20191031-0005/
- openSUSE-SU-2019:2444
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4208-1
- USN-4210-1
- USN-4211-2
- USN-4211-1
- USN-4226-1
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- RHSA-2020:0174
- RHSA-2020:0375
- RHSA-2020:0374
- RHSA-2020:0543
- RHSA-2020:0592
- RHSA-2020:0609
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- RHSA-2020:0653
- RHSA-2020:0661
- RHSA-2020:0664
- RHSA-2020:0790
- https://www.oracle.com/security-alerts/cpuApr2021.html
Published: Oct. 8, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-17351
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/6ef36ab967c71690ebe7e5ef997a8be4da3bc844
- https://xenbits.xen.org/xsa/advisory-300.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
- [oss-security] 20191025 Xen Security Advisory 300 v3 (CVE-2019-17351) - Linux: No grant table and foreign mapping limits
- http://xenbits.xen.org/xsa/advisory-300.html
- https://security.netapp.com/advisory/ntap-20191031-0005/
- USN-4286-2
- USN-4286-1
Published: Oct. 17, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-17666
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://lkml.org/lkml/2019/10/16/1226
- https://twitter.com/nicowaisman/status/1184864519316758535
- https://arstechnica.com/information-technology/2019/10/unpatched-linux-flaw-may-let-attackers-crash-or-compromise-nearby-devices/
- openSUSE-SU-2019:2392
- https://security.netapp.com/advisory/ntap-20191031-0005/
- openSUSE-SU-2019:2444
- USN-4184-1
- USN-4185-1
- USN-4186-1
- USN-4183-1
- USN-4186-2
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- RHSA-2020:0328
- RHSA-2020:0339
- RHSA-2020:0543
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- RHSA-2020:0661
- RHSA-2020:0740
- FEDORA-2019-6a67ff8793
Published: Jan. 16, 2020
Modified: April 18, 2022
Modified: April 18, 2022
CVE-2019-18282
The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used. The hashrnd value remains the same starting from boot time, and can be inferred by an attacker. This affects net/core/flow_dissector.c and related code.
Severity: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.10
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=55667441c84fa5e0911a0aac44fb059c15ba6da2
- https://security.netapp.com/advisory/ntap-20200204-0002/
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://www.computer.org/csdl/proceedings-article/sp/2020/349700b594/1j2LgrHDR2o
Published: Nov. 28, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-18660
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
- https://www.openwall.com/lists/oss-security/2019/11/27/1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=39e72bf96f5847ba87cc5bd7a3ce0fed813dc9ad
- [oss-security] 20191128 CVE-2019-18660: Linux kernel: powerpc: missing Spectre-RSB mitigation
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1
- openSUSE-SU-2019:2675
- https://security.netapp.com/advisory/ntap-20200103-0001/
- USN-4228-1
- USN-4227-1
- USN-4226-1
- USN-4225-1
- USN-4228-2
- USN-4227-2
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- RHSA-2020:0174
- USN-4225-2
- FEDORA-2019-b86a7bdba0
- FEDORA-2019-124a241044
Published: Nov. 4, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-18683
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.
Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://www.openwall.com/lists/oss-security/2019/11/02/1
- [oss-security] 20191105 Re: [ Linux kernel ] Exploitable bugs in drivers/media/platform/vivid
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4254-1
- USN-4254-2
- USN-4258-1
- USN-4287-1
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4284-1
- https://lore.kernel.org/lkml/20191103221719.27118-1-alex.popov%40linux.com/
Published: Nov. 6, 2019
Modified: April 18, 2022
Modified: April 18, 2022
CVE-2019-18786
In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Nov. 7, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-18806
A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 7, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-18807
Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 7, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-18808
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/128c66429247add5128c03dc1e144ca56f05a4e2
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2020:0336
- USN-4526-1
- USN-4525-1
- [oss-security] 20210914 Disclosure: CVE-2021-3744: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
- FEDORA-2019-b86a7bdba0
- FEDORA-2019-124a241044
Published: Nov. 7, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-18809
A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/2289adbfa559050d2a38bcd9caac1c18b800e928
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- USN-4285-1
- USN-4287-1
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4300-1
- FEDORA-2019-b86a7bdba0
- FEDORA-2019-124a241044
Published: Nov. 7, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-18811
A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 7, 2019
Modified: Jan. 20, 2023
Modified: Jan. 20, 2023
CVE-2019-18813
A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 7, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-18814
An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Nov. 14, 2019
Modified: June 14, 2021
Modified: June 14, 2021
CVE-2019-18885
fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ba3bc9dd150457c506e4661380a6183af651c1
- https://github.com/bobfuzzer/CVE-2019-18885
- https://github.com/torvalds/linux/commit/09ba3bc9dd150457c506e4661380a6183af651c1
- https://security.netapp.com/advisory/ntap-20191205-0001/
- USN-4254-1
- USN-4254-2
- http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- USN-4258-1
- USN-4287-1
- USN-4287-2
- [debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package
- https://www.oracle.com/security-alerts/cpuApr2021.html
Published: Nov. 21, 2019
Modified: Aug. 3, 2020
Modified: Aug. 3, 2020
CVE-2019-19036
btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Nov. 21, 2019
Modified: Dec. 5, 2019
Modified: Dec. 5, 2019
CVE-2019-19037
ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Nov. 21, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19039
__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because “1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19043
A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-19045
A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19046
A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-19047
A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Jan. 18, 2023
Modified: Jan. 18, 2023
CVE-2019-19048
A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19049
A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2022
Modified: Nov. 7, 2022
CVE-2019-19051
A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11
- https://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407
- https://security.netapp.com/advisory/ntap-20191205-0001/
- USN-4225-1
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4225-2
- USN-4286-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4286-1
- openSUSE-SU-2020:0336
- USN-4302-1
- USN-4344-1
Published: Nov. 18, 2019
Modified: Jan. 19, 2023
Modified: Jan. 19, 2023
CVE-2019-19052
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11
- https://github.com/torvalds/linux/commit/fb5be6a7b4863ecc44963bb80ca614584b6c7817
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- USN-4228-1
- USN-4227-1
- USN-4225-1
- USN-4228-2
- USN-4226-1
- USN-4227-2
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4225-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://www.oracle.com/security-alerts/cpuApr2021.html
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19054
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19055
A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of this because it occurs on a code path where a successful allocation has already occurred
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19056
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/db8fd2cde93227e566a412cf53173ffa227998bc
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4286-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4286-1
- USN-4300-1
- USN-4301-1
- USN-4302-1
- FEDORA-2019-021c968423
- FEDORA-2019-34a75d7e61
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19057
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Links:
- https://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050c
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4254-1
- USN-4254-2
- USN-4285-1
- USN-4287-1
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4284-1
- FEDORA-2019-021c968423
- FEDORA-2019-34a75d7e61
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19058
A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19059
Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Jan. 19, 2023
Modified: Jan. 19, 2023
CVE-2019-19060
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Jan. 19, 2023
Modified: Jan. 19, 2023
CVE-2019-19061
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19062
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/ffdde5932042600c6807d46c1550b28b0db6a3bc
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4254-1
- USN-4254-2
- USN-4258-1
- USN-4287-1
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4284-1
- FEDORA-2019-021c968423
- FEDORA-2019-34a75d7e61
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19063
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- USN-4254-1
- USN-4254-2
- USN-4285-1
- USN-4287-1
- USN-4287-2
- USN-4284-1
- https://www.oracle.com/security-alerts/cpuApr2021.html
- FEDORA-2019-021c968423
- FEDORA-2019-34a75d7e61
Published: Nov. 18, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19064
A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control these failures at probe time
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19065
A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a vulnerability because "rhashtable_init() can only fail if it is passed invalid values in the second parameter's struct, but when invoked from sdma_init() that is a pointer to a static const struct, so an attacker could only trigger failure if they could corrupt kernel memory (in which case a small memory leak is not a significant problem).
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19066
A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/0e62395da2bd5166d7c9e14cbc7503b256a34cb0
- https://security.netapp.com/advisory/ntap-20191205-0001/
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4286-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4286-1
- openSUSE-SU-2020:0336
- USN-4300-1
- USN-4301-1
- USN-4302-1
- https://www.oracle.com/security-alerts/cpuApr2021.html
- FEDORA-2019-021c968423
- FEDORA-2019-34a75d7e61
Published: Nov. 18, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19067
Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19068
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/a2cdd07488e666aa93a49a3fc9c9b1299e27ef3c
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- USN-4286-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4286-1
- USN-4300-1
- USN-4301-1
- USN-4302-1
- FEDORA-2019-021c968423
- FEDORA-2019-34a75d7e61
Published: Nov. 18, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19070
A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19071
A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19072
A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19073
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.
Severity: MEDIUM (4.0) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Links:
- https://github.com/torvalds/linux/commit/853acf7caf10b828102d92d05b5c101666a6142b
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- USN-4527-1
- USN-4526-1
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- https://www.oracle.com/security-alerts/cpuApr2021.html
- FEDORA-2019-021c968423
- FEDORA-2019-34a75d7e61
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19074
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/728c1e2a05e4b5fc52fab3421dce772a806612a2
- https://security.netapp.com/advisory/ntap-20191205-0001/
- openSUSE-SU-2019:2675
- USN-4527-1
- USN-4526-1
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- https://www.oracle.com/security-alerts/cpuApr2021.html
- FEDORA-2019-021c968423
- FEDORA-2019-34a75d7e61
Published: Nov. 18, 2019
Modified: Jan. 18, 2023
Modified: Jan. 18, 2023
CVE-2019-19075
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19076
A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted
Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/78beef629fd95be4ed853b2d37b832f766bd96ca
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6
- USN-4209-1
- https://security.netapp.com/advisory/ntap-20191205-0001/
- https://git.kernel.org/linus/1d1997db870f4058676439ef7014390ba9e24eb2
- https://lore.kernel.org/lkml/20191204103955.63c4d9af%40cakuba.netronome.com/
Published: Nov. 18, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-19077
A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19078
A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Jan. 18, 2023
Modified: Jan. 18, 2023
CVE-2019-19079
A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-19080
Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a.
Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-19081
A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a.
Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-19082
Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 18, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-19083
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 22, 2019
Modified: Dec. 12, 2019
Modified: Dec. 12, 2019
CVE-2019-19227
In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9804501fa1228048857910a6bf23e085aade37cc
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1
- openSUSE-SU-2019:2675
- https://security.netapp.com/advisory/ntap-20200103-0001/
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4254-1
- USN-4254-2
- USN-4258-1
- USN-4287-1
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
Published: Dec. 17, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-19241
In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/io_uring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to the loopback interface. This occurs because IORING_OP_SENDMSG operations, although requested in the context of an unprivileged user, are sometimes performed by a kernel worker thread without considering that context.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d69e07793f891524c6bbf1e75b9ae69db4450953
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=181e448d8709e517c9c7b523fcd209f24eb38ca7
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1975
- https://security.netapp.com/advisory/ntap-20200103-0001/
- USN-4284-1
Published: Nov. 25, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19252
vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Jan. 9, 2020
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2019-19332
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Links:
- https://www.openwall.com/lists/oss-security/2019/12/16/1
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19332
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4254-1
- USN-4254-2
- https://security.netapp.com/advisory/ntap-20200204-0002/
- USN-4258-1
- USN-4287-1
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4284-1
- openSUSE-SU-2020:0336
- https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50%40google.com/
Published: Nov. 30, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19462
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://syzkaller-ppc64.appspot.com/bug?id=b05b4d005191cc375cdf848c3d4d980308d50531
- https://syzkaller.appspot.com/bug?id=f4d1cb4330bd3ddf4a628332b4285407b2eedd7b
- https://syzkaller.appspot.com/bug?id=e4265490d26d6c01cd9bc79dc915ef0a1bf15046
- https://syzkaller-ppc64.appspot.com/bug?id=1c09906c83a8ea811a9e318c2a4f8e243becc6f8
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- DSA-4699
- DSA-4698
- openSUSE-SU-2020:0801
- openSUSE-SU-2020:0935
- USN-4414-1
- USN-4425-1
- USN-4439-1
- USN-4440-1
- https://security.netapp.com/advisory/ntap-20210129-0004/
- https://lore.kernel.org/lkml/20191129013745.7168-1-dja%40axtens.net/
Published: Dec. 3, 2019
Modified: Oct. 31, 2022
Modified: Oct. 31, 2022
CVE-2019-19523
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=44efc269db7929f6275a1fa927ef082e533ecde0
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.7
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- openSUSE-SU-2020:0336
Published: Dec. 3, 2019
Modified: Oct. 31, 2022
Modified: Oct. 31, 2022
CVE-2019-19524
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa3a5a1880c91bb92594ad42dfe9eedad7996b86
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.12
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- openSUSE-SU-2019:2675
- USN-4228-1
- USN-4227-1
- USN-4225-1
- USN-4228-2
- USN-4226-1
- USN-4227-2
- 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4225-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
Published: Dec. 3, 2019
Modified: Oct. 31, 2022
Modified: Oct. 31, 2022
CVE-2019-19525
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fd25e6fc035f4b04b75bca6d7e8daa069603a76
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- openSUSE-SU-2019:2675
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
Published: Dec. 3, 2019
Modified: Oct. 31, 2022
Modified: Oct. 31, 2022
CVE-2019-19526
In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Dec. 3, 2019
Modified: Aug. 4, 2023
Modified: Aug. 4, 2023
CVE-2019-19527
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
Severity: MEDIUM (6.8) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.10
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9c09b214f30e3c11f9b0b03f89442df03643794d
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d4472d7bec39917b54e4e80245784ea5d60ce49
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- openSUSE-SU-2020:0336
Published: Dec. 3, 2019
Modified: March 31, 2020
Modified: March 31, 2020
CVE-2019-19528
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.
Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c468a8aa790e0dfe0a7f8a39db282d39c2c00b46
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.7
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=edc4746f253d907d048de680a621e121517f484b
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- openSUSE-SU-2019:2675
Published: Dec. 3, 2019
Modified: Aug. 12, 2020
Modified: Aug. 12, 2020
CVE-2019-19529
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
Severity: MEDIUM (6.3) Vector: CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- openSUSE-SU-2019:2675
- USN-4227-1
- USN-4225-1
- USN-4226-1
- USN-4227-2
- USN-4225-2
Published: Dec. 3, 2019
Modified: Oct. 31, 2022
Modified: Oct. 31, 2022
CVE-2019-19530
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.10
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c52873e5a1ef72f845526d9f6a50704433f9c625
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- openSUSE-SU-2019:2675
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
Published: Dec. 3, 2019
Modified: Oct. 31, 2022
Modified: Oct. 31, 2022
CVE-2019-19531
In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.
Severity: MEDIUM (6.8) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc05481b2fcabaaeccf63e32ac1baab54e5b6963
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.9
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- openSUSE-SU-2019:2675
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
Published: Dec. 3, 2019
Modified: Jan. 7, 2020
Modified: Jan. 7, 2020
CVE-2019-19532
In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c.
Severity: MEDIUM (6.8) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d9d4b1e46d9543a82c23f6df03f4ad697dab361b
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- USN-4226-1
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- openSUSE-SU-2020:0336
Published: Dec. 3, 2019
Modified: Jan. 18, 2020
Modified: Jan. 18, 2020
CVE-2019-19533
In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.
Severity: LOW (2.4) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.4
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a10feaf8c464c3f9cfdd3a8a7ce17e1c0d498da1
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- openSUSE-SU-2020:0336
Published: Dec. 3, 2019
Modified: March 31, 2022
Modified: March 31, 2022
CVE-2019-19534
In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.
Severity: LOW (2.4) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f7a1337f0d29b98733c8824e165fca3371d7d4fd
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- openSUSE-SU-2019:2675
- USN-4228-1
- USN-4227-1
- USN-4225-1
- USN-4228-2
- USN-4226-1
- USN-4227-2
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4225-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
Published: Dec. 3, 2019
Modified: April 26, 2022
Modified: April 26, 2022
CVE-2019-19535
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.9
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=30a8beeb3042f49d0537b7050fd21b490166a3d9
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- openSUSE-SU-2020:0336
- https://www.oracle.com/security-alerts/cpuApr2021.html
Published: Dec. 3, 2019
Modified: March 31, 2022
Modified: March 31, 2022
CVE-2019-19536
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.9
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ead16e53c2f0ed946d82d4037c630e2f60f4ab69
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- openSUSE-SU-2019:2675
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
Published: Dec. 3, 2019
Modified: Jan. 18, 2020
Modified: Jan. 18, 2020
CVE-2019-19537
In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c.
Severity: MEDIUM (4.2) Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.10
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=303911cfc5b95d33687d9046133ff184cf5043ff
- [oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- openSUSE-SU-2020:0336
Published: Dec. 4, 2019
Modified: Sept. 24, 2020
Modified: Sept. 24, 2020
CVE-2019-19543
In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Dec. 5, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-19602
fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonstrated by mishandling of signal-based non-cooperative preemption in Go 1.14 prereleases on amd64, aka CID-59c4bd853abc.
Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2
- https://github.com/golang/go/issues/35777#issuecomment-561935388
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59c4bd853abcea95eccc167a7d7fd5f1a5f47b98
- https://github.com/torvalds/linux/commit/59c4bd853abcea95eccc167a7d7fd5f1a5f47b98
- https://bugzilla.kernel.org/show_bug.cgi?id=205663
- https://security.netapp.com/advisory/ntap-20200103-0001/
- USN-4284-1
Published: Dec. 12, 2019
Modified: Jan. 3, 2020
Modified: Jan. 3, 2020
CVE-2019-19767
The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2
- https://github.com/torvalds/linux/commit/4ea99936a1630f51fc3a2d61a58ec4a1c4b7d55a
- https://bugzilla.kernel.org/show_bug.cgi?id=205609
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ea99936a1630f51fc3a2d61a58ec4a1c4b7d55a
- https://bugzilla.kernel.org/show_bug.cgi?id=205707
- https://security.netapp.com/advisory/ntap-20200103-0001/
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- USN-4258-1
- USN-4287-1
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4284-1
- openSUSE-SU-2020:0336
Published: Dec. 12, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-19769
In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).
Severity: MEDIUM (6.7) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Dec. 12, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-19770
In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace
Severity: HIGH (8.2) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Links:
Published: Dec. 17, 2019
Modified: Jan. 19, 2023
Modified: Jan. 19, 2023
CVE-2019-19816
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19816
- https://security.netapp.com/advisory/ntap-20200103-0001/
- USN-4414-1
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update
Published: Dec. 22, 2019
Modified: Dec. 14, 2022
Modified: Dec. 14, 2022
CVE-2019-19922
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://relistan.com/the-kernel-may-be-slowing-down-your-app
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
- https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425
- https://github.com/kubernetes/kubernetes/issues/67577
- USN-4226-1
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- https://security.netapp.com/advisory/ntap-20200204-0002/
- https://www.oracle.com/security-alerts/cpuApr2021.html
Published: Dec. 24, 2019
Modified: Nov. 10, 2022
Modified: Nov. 10, 2022
CVE-2019-19947
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
- https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9
- [oss-security] 20191224 CVE-2019-19947: Linux kernel can: kvaser_usb: kvaser_usb_leaf: some info-leaks vulnerabilities
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- https://security.netapp.com/advisory/ntap-20200204-0002/
- USN-4285-1
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4284-1
- USN-4427-1
- USN-4485-1
Published: Dec. 25, 2019
Modified: March 31, 2022
Modified: March 31, 2022
CVE-2019-19965
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f70267f379b5e5e11bdc5d72a56bf17e5feed01f
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- https://security.netapp.com/advisory/ntap-20200204-0002/
- USN-4285-1
- USN-4287-1
- USN-4286-2
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4284-1
- USN-4286-1
- openSUSE-SU-2020:0336
Published: Dec. 25, 2019
Modified: Dec. 21, 2022
Modified: Dec. 21, 2022
CVE-2019-19966
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dea37a97265588da604c6ba80160a287b72c7bfd
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- https://security.netapp.com/advisory/ntap-20200204-0002/
- openSUSE-SU-2020:0336
Published: Dec. 28, 2019
Modified: Jan. 20, 2023
Modified: Jan. 20, 2023
CVE-2019-20054
In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=23da9588037ecdd4901db76a5b79a42b529c4ec3
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.6
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.11
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=89189557b47b35683a27c80ee78aef18248eefb4
- https://security.netapp.com/advisory/ntap-20200204-0002/
- openSUSE-SU-2020:0336
Published: Dec. 30, 2019
Modified: April 18, 2022
Modified: April 18, 2022
CVE-2019-20095
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Dec. 30, 2019
Modified: Jan. 20, 2023
Modified: Jan. 20, 2023
CVE-2019-20096
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1d3ff0950e2b40dc861b1739029649d03f591820
- http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
- USN-4285-1
- USN-4287-1
- USN-4286-2
- USN-4287-2
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- USN-4286-1
- openSUSE-SU-2020:0336
Published: Jan. 27, 2020
Modified: March 13, 2020
Modified: March 13, 2020
CVE-2019-20422
In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 8, 2020
Modified: Nov. 9, 2023
Modified: Nov. 9, 2023
CVE-2019-20636
In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.
Severity: MEDIUM (6.7) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb222aed03d798fc074be55e59d9a112338ee784
- https://github.com/torvalds/linux/commit/cb222aed03d798fc074be55e59d9a112338ee784
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.12
- https://security.netapp.com/advisory/ntap-20200430-0004/
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
Published: May 27, 2020
Modified: June 19, 2020
Modified: June 19, 2020
CVE-2019-20806
An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75.
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2e7682ebfc750177a4944eeb56e97a3f05734528
- https://github.com/torvalds/linux/commit/2e7682ebfc750177a4944eeb56e97a3f05734528
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- DSA-4698
- openSUSE-SU-2020:0801
- https://security.netapp.com/advisory/ntap-20200619-0001/
Published: June 3, 2020
Modified: Jan. 20, 2023
Modified: Jan. 20, 2023
CVE-2019-20811
An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Links:
Published: June 3, 2020
Modified: June 14, 2021
Modified: June 14, 2021
CVE-2019-20812
An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 16, 2020
Modified: July 21, 2021
Modified: July 21, 2021
CVE-2019-20908
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
Severity: MEDIUM (6.7) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1957a85b0032a81e6482ca4aab883643b8dae06e
- https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language.sh
- https://mailarchives.bentasker.co.uk/Mirrors/OSSSec/2020/06-Jun/msg00035.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4
- [oss-security] 20200720 Re: Re: lockdown bypass on ubuntu 18.04's 4.15 kernel for loading unsigned modules
- USN-4427-1
- [oss-security] 20200729 multiple secure boot grub2 and linux kernel vulnerabilities
- [oss-security] 20200730 UEFI SecureBoot bypass fixes rolled out to kernels below radar
- [oss-security] 20200730 Re: UEFI SecureBoot bypass fixes rolled out to kernels below radar
- USN-4439-1
- USN-4426-1
- USN-4440-1
- openSUSE-SU-2020:1153
Published: June 7, 2021
Modified: April 29, 2022
Modified: April 29, 2022
CVE-2019-25045
An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dbb2483b2a46fbaf833cfb5deb5ed9cace9c7399
- https://syzkaller.appspot.com/bug?id=f99edaeec58ad40380ed5813d89e205861be2896
- https://sites.google.com/view/syzscope/warning-in-xfrm_state_fini-2
- https://security.netapp.com/advisory/ntap-20210720-0003/
Published: April 11, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-3459
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
- https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3459.html
- [oss-security] 20190111 Linux kernel: Bluetooth: two remote infoleaks (CVE-2019-3459, CVE-2019-3460)
- https://git.kernel.org/linus/7c9cbd0b5e38a1672fcd137894ace3b042dfbf69
- https://bugzilla.redhat.com/show_bug.cgi?id=1663176
- https://bugzilla.novell.com/show_bug.cgi?id=1120758
- [debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update
- [oss-security] 20190627 Re: linux-distros membership application - Microsoft
- [oss-security] 20190627 Re: linux-distros membership application - Microsoft
- [oss-security] 20190628 Re: linux-distros membership application - Microsoft
- [oss-security] 20190628 Re: linux-distros membership application - Microsoft
- RHSA-2019:2043
- RHSA-2019:2029
- [oss-security] 20190811 Re: linux-distros membership application - Microsoft
- RHSA-2019:3517
- RHSA-2019:3309
- RHSA-2020:0740
- [linux-bluetooth] 20190110 [PATCH 1/2] Bluetooth: check message types in l2cap_get_conf_opt
Published: April 11, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-3460
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
- https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3460.html
- [oss-security] 20190111 Linux kernel: Bluetooth: two remote infoleaks (CVE-2019-3459, CVE-2019-3460)
- https://git.kernel.org/linus/af3d5d1c87664a4f150fcf3534c6567cb19909b0
- https://bugzilla.redhat.com/show_bug.cgi?id=1663179
- [debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update
- [oss-security] 20190627 Re: linux-distros membership application - Microsoft
- [oss-security] 20190627 Re: linux-distros membership application - Microsoft
- [oss-security] 20190628 Re: linux-distros membership application - Microsoft
- [oss-security] 20190628 Re: linux-distros membership application - Microsoft
- RHSA-2019:2043
- RHSA-2019:2029
- [oss-security] 20190811 Re: linux-distros membership application - Microsoft
- RHSA-2019:3517
- RHSA-2019:3309
- RHSA-2020:0740
- [linux-bluetooth] 20190110 [PATCH 2/2] Bluetooth: check the buffer size for some messages before parsing
Published: April 25, 2019
Modified: April 26, 2024
Modified: April 26, 2024
CVE-2019-3900
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.
Severity: HIGH (7.7) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- https://www.spinics.net/lists/kernel/msg3111012.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3900
- 108076
- https://security.netapp.com/advisory/ntap-20190517-0005/
- RHSA-2019:1973
- RHSA-2019:2043
- RHSA-2019:2029
- DSA-4497
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1884-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- USN-4114-1
- USN-4117-1
- USN-4116-1
- USN-4115-1
- USN-4118-1
- RHSA-2019:3220
- RHSA-2019:3517
- RHSA-2019:3309
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- RHSA-2019:3836
- RHSA-2019:3967
- RHSA-2019:4058
- RHSA-2020:0204
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RI3WXXM5URTZSR3RVEKO6MDXDFIKTZ5R/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TOFNJA5NNVXQ6AV6KGZB677JIVXAMJHT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYTZH6QCNITK7353S6RCRT2PQHZSDPXD/
Published: Dec. 23, 2019
Modified: June 17, 2022
Modified: June 17, 2022
CVE-2019-5108
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://talosintelligence.com/vulnerability_reports/TALOS-2019-0900
- https://git.kernel.org/linus/3e493173b7841259a08c5c8e5cbe90adb349da7e
- https://security.netapp.com/advisory/ntap-20200204-0002/
- http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
- USN-4285-1
- USN-4287-1
- USN-4286-2
- USN-4287-2
- USN-4286-1
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- DSA-4698
- https://www.oracle.com/security-alerts/cpuApr2021.html
Published: March 21, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-7221
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://github.com/torvalds/linux/commits/master/arch/x86/kvm
- [debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update
- USN-3932-2
- USN-3932-1
- USN-3931-2
- USN-3931-1
- USN-3930-2
- USN-3930-1
- https://security.netapp.com/advisory/ntap-20190404-0002/
- RHSA-2019:0833
- RHSA-2019:0818
- [debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update
- RHBA-2019:0959
- RHSA-2019:3967
- RHSA-2019:4058
- https://support.f5.com/csp/article/K08413011
- [debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update
- SUSE-SA-2019:0203-1
- http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html
- http://www.openwall.com/lists/oss-security/2019/02/18/2
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1760
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f
- FEDORA-2019-164946aa7f
- FEDORA-2019-3da64f3e61
Published: March 21, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-7222
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
- https://github.com/torvalds/linux/commits/master/arch/x86/kvm
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1759
- 106963
- [oss-security] Linux kernel: three KVM bugs (CVE-2019-6974, CVE-2019-7221, CVE-2019-7222)
- http://packetstormsecurity.com/files/151712/KVM-kvm_inject_page_fault-Uninitialized-Memory-Leak.html
- SUSE-SA-2019:0203-1
- [debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update
- [debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update
- USN-3933-2
- USN-3932-2
- USN-3932-1
- USN-3931-2
- USN-3931-1
- USN-3930-2
- USN-3930-1
- https://security.netapp.com/advisory/ntap-20190404-0002/
- USN-3933-1
- [debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=353c0956a618a07ba4bbe7ad00ff29fe70e8412a
- RHSA-2019:2043
- RHSA-2019:2029
- RHSA-2019:3309
- RHSA-2019:3517
- FEDORA-2019-164946aa7f
- FEDORA-2019-3da64f3e61
Published: March 21, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-9857
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 3, 2020
Modified: Sept. 10, 2020
Modified: Sept. 10, 2020
CVE-2020-10720
A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: June 12, 2020
Modified: June 6, 2023
Modified: June 6, 2023
CVE-2020-10732
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10732
- https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=aca969cacf07f41070d788ce2b8ca71f09d5207d
- https://github.com/google/kmsan/issues/76
- https://github.com/ruscur/linux/commit/a95cdec9fa0c08e6eeb410d461c03af8fd1fef0a
- https://twitter.com/grsecurity/status/1252558055629299712
- openSUSE-SU-2020:0801
- openSUSE-SU-2020:0935
- USN-4411-1
- USN-4427-1
- USN-4439-1
- USN-4440-1
- USN-4485-1
- https://security.netapp.com/advisory/ntap-20210129-0005/
- https://lore.kernel.org/lkml/CAG_fn=VZZ7yUxtOGzuTLkr7wmfXWtKK9BHHYawj=rt9XWnCYvg%40mail.gmail.com/
Published: April 10, 2020
Modified: May 28, 2020
Modified: May 28, 2020
CVE-2020-11669
An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/53a712bae5dd919521a58d7bad773b949358add0
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=53a712bae5dd919521a58d7bad773b949358add0
- https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208660.html
- https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208661.html
- RHSA-2019:3517
- https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208663.html
- openSUSE-SU-2020:0543
- https://security.netapp.com/advisory/ntap-20200430-0001/
- USN-4368-1
- USN-4363-1
Published: May 4, 2020
Modified: June 14, 2021
Modified: June 14, 2021
CVE-2020-12114
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- http://www.openwall.com/lists/oss-security/2020/05/04/2
- https://security.netapp.com/advisory/ntap-20200608-0001/
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- DSA-4699
- DSA-4698
- openSUSE-SU-2020:0801
- USN-4388-1
- USN-4392-1
- USN-4389-1
- USN-4387-1
- USN-4390-1
- USN-4391-1
- http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
Published: May 5, 2020
Modified: June 13, 2020
Modified: June 13, 2020
CVE-2020-12652
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power."
Severity: MEDIUM (4.1) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/28d76df18f0ad5bcf5fa48510b225f0ed262a99b
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=28d76df18f0ad5bcf5fa48510b225f0ed262a99b
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.14
- https://security.netapp.com/advisory/ntap-20200608-0001/
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update
- DSA-4698
- openSUSE-SU-2020:0801
Published: May 10, 2020
Modified: May 3, 2022
Modified: May 3, 2022
CVE-2020-12769
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://lkml.org/lkml/2020/2/3/559
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.17
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19b61392c5a852b4e8a0bf35aecb969983c5932d
- https://security.netapp.com/advisory/ntap-20200608-0001/
- [debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update
- [debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update
- openSUSE-SU-2020:0801
- USN-4391-1
- openSUSE-SU-2020:0935
Published: June 9, 2020
Modified: Feb. 24, 2023
Modified: Feb. 24, 2023
CVE-2020-13974
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae
- https://lkml.org/lkml/2020/3/22/482
- openSUSE-SU-2020:0935
- USN-4427-1
- USN-4439-1
- USN-4440-1
- openSUSE-SU-2020:1153
- [debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package
- USN-4483-1
- USN-4485-1
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad0bf9ce93fa40b667eccd3306783f4db4b932b
- https://www.oracle.com/security-alerts/cpujul2022.html
Published: June 18, 2020
Modified: May 3, 2022
Modified: May 3, 2022
CVE-2020-14416
In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.
Severity: MEDIUM (4.2) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Sept. 10, 2020
Modified: Jan. 20, 2021
Modified: Jan. 20, 2021
CVE-2020-25220
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.194
- https://bugzilla.redhat.com/show_bug.cgi?id=1868453
- https://www.spinics.net/lists/stable/msg405099.html
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.233
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-4.14.y&id=82fd2138a5ffd7e0d4320cdb669e115ee976a26e
- https://security.netapp.com/advisory/ntap-20201001-0004/
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
Published: May 26, 2021
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2020-25673
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- [oss-security] 20201101 [CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673]Linux kernel: many bugs in nfc socket
- https://www.openwall.com/lists/oss-security/2020/11/01/1
- https://security.netapp.com/advisory/ntap-20210702-0008/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTVACC6PGS6OSD3EYY7FZUAZT2EUMFH5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PW3OASG7OEMHANDWBM5US5WKTOC76KMH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEIEGQXUW37YHZ5MTAZTDCIMHUN26NJS/
Published: Dec. 11, 2020
Modified: May 16, 2023
Modified: May 16, 2023
CVE-2020-27786
A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d
- https://bugzilla.redhat.com/show_bug.cgi?id=1900933
- https://security.netapp.com/advisory/ntap-20210122-0002/
- [oss-security] 20201203 Re: Linux Kernel: ALSA: use-after-free Write in snd_rawmidi_kernel_write1
Published: Jan. 15, 2020
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2020-7053
In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7dc40713618c884bf07c030d1ab1f47a9dc1f310
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1859522
- USN-4255-1
- USN-4255-2
- https://security.netapp.com/advisory/ntap-20200204-0002/
- http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
- USN-4285-1
- USN-4287-1
- USN-4287-2
- openSUSE-SU-2020:0336
- https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks%40canonical.com
Published: May 27, 2021
Modified: June 3, 2021
Modified: June 3, 2021
CVE-2021-20177
A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected.
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 27, 2021
Modified: June 14, 2022
Modified: June 14, 2022
CVE-2021-20317
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=511885d7061eda3eb1faf3f57dcc936ff75863f1
- https://bugzilla.redhat.com/show_bug.cgi?id=2005258
- [debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update
- [debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update
- DSA-5096
- https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
Published: March 3, 2022
Modified: Jan. 24, 2023
Modified: Jan. 24, 2023
CVE-2021-3715
A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 9, 2023
Modified: April 13, 2023
Modified: April 13, 2023
CVE-2023-0030
A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: June 19, 2023
Modified: June 29, 2023
Modified: June 29, 2023
CVE-2023-3022
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for in other parts of the code where rt6_info was expected unconditionally, potentially leading to a kernel panic in fib6_rule_suppress.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links: