CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5332
https://notcve.org/view.php?id=CVE-2010-5332
27 Jul 2019 — In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of array bounds access. En el kernel de Linux anterior a versión 2.6.37, se produjo un acceso a la matriz fuera de límites en el archivo drivers/net/mlx4/port.c. Cuando se busca una entrada liberada en cualquiera de l... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0926f91083f34d047abc74f1ca4fa6a9c161f7db • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5331
https://notcve.org/view.php?id=CVE-2010-5331
27 Jul 2019 — In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard coded and are not user-controllable where it is used ** EN DISPUTA ** En el kernel de Linux anterior a la versión 2.6.34, un problema de verificación de rango en drivers / gpu / drm / radeon / atombios.c podría causar un problema de ap... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-5331 • CWE-193: Off-by-one Error •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14284 – Ubuntu Security Notice USN-4115-1
https://notcve.org/view.php?id=CVE-2019-14284
26 Jul 2019 — In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html • CWE-369: Divide By Zero •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14283 – kernel: integer overflow and OOB read in drivers/block/floppy.c
https://notcve.org/view.php?id=CVE-2019-14283
26 Jul 2019 — In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default. En el kernel de Linux anterior a versión 5.2.3, la función set_geometry en el archivo drivers/block/floppy.c, no comprueba los campos sect y head, como es demostrado mediante un desbordamiento de... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-20856 – kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c
https://notcve.org/view.php?id=CVE-2018-20856
26 Jul 2019 — An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. El servidor web en ZENworks Configuration Management (ZCM) de Novell versión 10.3 y versión 11.2 anteriores a 11.2.4, no realiza apropiadamente la autenticación para el archivo zenworks/jsp/index.jsp, lo que permite a los atacantes remotos realizar ataques de salto de directorio y en consecuencia cargar y ejecutar programas arbitrarios, po... • http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 3.3EPSS: 0%CPEs: 7EXPL: 0CVE-2018-20855
https://notcve.org/view.php?id=CVE-2018-20855
26 Jul 2019 — An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. Se detectó un problema en el kernel de Linux anterior a versión 4.18.7. En create_qp_common en archivo drivers/infiniband/hw/mlx5/qp.c, la función mlx5_ib_create_qp_resp nunca fue inicializada, resultando en una pérdida de memoria de pila en el espacio de usuario. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-20854
https://notcve.org/view.php?id=CVE-2018-20854
26 Jul 2019 — An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read. Se detectó un problema en el kernel de Linux anterior a versión 4.20. El archivo drivers/phy/mscc/phy-ocelot-serdes.c presenta un error por un paso (off-by-one) con un resultado de lectura fuera de límites de ctrl-)phys. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6acb47d1a318e5b3b7115354ebc4ea060c59d3a1 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13648 – kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call
https://notcve.org/view.php?id=CVE-2019-13648
19 Jul 2019 — In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c. En el kernel de Linux hasta versión 5.2.1 sobre la plataforma powerpc, cuando la memoria transaccional de hardware está deshabilitada, un usuario local puede causar una dene... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13631 – kernel: OOB writes in parse_hid_report_descriptor in drivers/input/tablet/gtco.c
https://notcve.org/view.php?id=CVE-2019-13631
17 Jul 2019 — In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. En la función parse_hid_report_descriptor en el archivo drivers/input/tablet/gtco.c en el kernel de Linux hasta versión 5.2.1, un dispositivo USB malicioso puede enviar un informe HID que desencadena una escritura fuera de límites durante la generación de mensajes de depuración. A flaw was ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10638 – Kernel: net: weak IP ID generation leads to remote device tracking
https://notcve.org/view.php?id=CVE-2019-10638
05 Jul 2019 — In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses. En el kern... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-326: Inadequate Encryption Strength •