CVE-2019-15211
https://notcve.org/view.php?id=CVE-2019-15211
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory. Se descubrió un problema en el kernel de Linux versiones anteriores a 5.2.6. Se presenta un uso de memoria previamente liberada causado por un dispositivo USB malicioso en el controlador drivers/media/v4l2-core/v4l2-dev.c porque el archivo drivers/media/radio/radio-raremono.c no asigna apropiadamente la memoria. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://www.openwall.com/lists/oss-security/2019/08/20/2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c666355e60ddb4748ead3bdd983e3f7f2224aaf0 https://lists.debian.org/debian • CWE-416: Use After Free •
CVE-2019-15212
https://notcve.org/view.php?id=CVE-2019-15212
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. Se descubrió un problema en el kernel de Linux versiones anteriores a 5.1.8. Se presenta una vulnerabilidad de doble liberación causada por un dispositivo USB malicioso en el controlador drivers/usb/misc/rio500.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://www.openwall.com/lists/oss-security/2019/08/20/2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3864d33943b4a76c6e64616280e98d2410b1190f https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html https://lists.debian.org/debian-lt • CWE-415: Double Free •
CVE-2019-15214 – kernel: use-after-free in sound/core/init.c and sound/core/info.c
https://notcve.org/view.php?id=CVE-2019-15214
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c. Se descubrió un problema en el kernel de Linux versiones anteriores a 5.0.10. Se presenta un uso de memoria previamente liberada en el subsistema sound porque la desconexión de la tarjeta hace que ciertas estructuras de datos se eliminen demasiado pronto. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://www.openwall.com/lists/oss-security/2019/08/20/2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2a3f7221acddfe1caa9ff09b3a8158c39b2fdeac https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c2f870890fd28e023b0fcf49dcee333 • CWE-416: Use After Free •
CVE-2019-15215
https://notcve.org/view.php?id=CVE-2019-15215
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. Se descubrió un problema en el kernel de Linux versiones anteriores a 5.2.6. Se presenta un uso de memoria previamente liberada causado por un dispositivo USB malicioso en el controlador drivers/media/usb/cpia2/cpia2_usb.c . • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://www.openwall.com/lists/oss-security/2019/08/20/2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eff73de2b1600ad8230692f00bc0ab49b166512a https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html https://lists.debian.org/debian-lt • CWE-416: Use After Free •
CVE-2019-15216
https://notcve.org/view.php?id=CVE-2019-15216
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. Se descubrió un problema en el kernel de Linux versiones anteriores a 5.0.14. Se presenta una desreferencia del puntero NULL causada por un dispositivo USB malicioso en el controlador drivers/usb/misc/yurex.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://www.openwall.com/lists/oss-security/2019/08/20/2 http://www.openwall.com/lists/oss-security/2019/08/22/2 http://www.openwall.com/lists/oss-security/2019/08/22/3 http://www.openwall.com/lists/oss-security/2019/08/22/4 http://www.openwall.com/lists/oss-security/2019/08/22/5 https://cdn.kernel.org/pub • CWE-476: NULL Pointer Dereference •