CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2019-9009
https://notcve.org/view.php?id=CVE-2019-9009
17 Sep 2019 — An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash. Se descubrió un problema en 3S-Smart CODESYS versiones anteriores a 3.5.15.0. Unos paquetes de red diseñados causan que el Control Runtime se bloquee. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download= • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 82EXPL: 1CVE-2019-14835 – kernel: vhost-net: guest to host kernel escape during migration
https://notcve.org/view.php?id=CVE-2019-14835
17 Sep 2019 — A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. Se encontró un fallo de desbordamiento de búfer, en las versiones desde 2.6.34 hasta 5.2.x, en la manera en que la funcionalidad vhost d... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.4EPSS: 0%CPEs: 10EXPL: 1CVE-2019-15031 – kernel: powerpc: local user can read vector registers of other users' processes via an interrupt
https://notcve.org/view.php?id=CVE-2019-15031
13 Sep 2019 — In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c. En el kernel de Linux versiones hast... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-662: Improper Synchronization •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 1CVE-2019-15030 – kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception
https://notcve.org/view.php?id=CVE-2019-15030
13 Sep 2019 — In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check. En el kernel de Linux vers... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16089
https://notcve.org/view.php?id=CVE-2019-16089
06 Sep 2019 — An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value. Se detectó un problema en el kernel de Linux hasta la versión 5.2.13. nbd_genl_status en drivers/block/nbd.c no comprueba la validez del valor de retorno nla_nest_start_noflag. • https://lore.kernel.org/patchwork/patch/1106884 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-18595 – kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
https://notcve.org/view.php?id=CVE-2017-18595
04 Sep 2019 — An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. Se detectó un problema en el kernel de Linux versiones anteriores a 4.14.11. Una doble liberación puede ser causada por la función allocate_trace_buffer en el archivo kernel/trace/trace.c. A flaw was found in the allocate_trace_buffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 9.4EPSS: 0%CPEs: 11EXPL: 0CVE-2019-15926
https://notcve.org/view.php?id=CVE-2019-15926
04 Sep 2019 — An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. Se detectó un problema en el kernel de Linux versiones anteriores a 5.2.3. Se presenta un acceso fuera de límites en las funciones ath6kl_wmi_pstream_timeout_event_rx y ath6kl_wmi_cac_event_rx en el archivo drivers/net/wireless/ath/ath6kl/wmi.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-21008
https://notcve.org/view.php?id=CVE-2018-21008
04 Sep 2019 — An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. Se detectó un problema en el kernel de Linux versiones anteriores a 4.16.7. Puede ser causado un uso de la memoria previamente liberada mediante la función rsi_mac80211_detach en el archivo drivers/net/wireless/rsi/rsi_91x_mac80211.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-15927 – kernel: out-of-bounds in function build_audio_procunit in sound/usb/mixer.c
https://notcve.org/view.php?id=CVE-2019-15927
04 Sep 2019 — An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. Se detectó un problema en el kernel de Linux versiones anteriores a 4.20.2. Se presenta un acceso fuera de límites en la función build_audio_procunit en el archivo sound/usb/mixer.c. An out-of-bounds flaw was found in the ALSA usb-audio subsystem in the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-15919 – kernel: use-after-free in SMB2_write function in fs/cifs/smb2pdu.c
https://notcve.org/view.php?id=CVE-2019-15919
04 Sep 2019 — An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.10. La función SMB2_write en el archivo fs/cifs/smb2pdu.c presenta un uso de la memoria previamente liberada. An flaw was discovered in the Linux kernel's CIFS client implementation. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-416: Use After Free •