CVE-2019-15220
https://notcve.org/view.php?id=CVE-2019-15220
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. Se descubrió un problema en el kernel de Linux versiones anteriores a 5.2.1. Se presenta un uso de memoria previamente liberada causado por un dispositivo USB malicioso en el controlador drivers/net/wireless/intersil/p54/p54usb.c . • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://www.openwall.com/lists/oss-security/2019/08/20/2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6e41e2257f1094acc37618bf6c856115374c6922 https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html https://lists.debian.org/debian-lt • CWE-416: Use After Free •
CVE-2019-15221 – kernel: Null pointer dereference in the sound/usb/line6/pcm.c
https://notcve.org/view.php?id=CVE-2019-15221
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. Se descubrió un problema en el kernel de Linux versiones anteriores a 5.1.17. Se presenta una desreferencia del puntero NULL causada por un dispositivo USB malicioso en el controlador sound/usb/line6/pcm.c. A NULL pointer dereference flaw was found in the way the LINE6 drivers in the Linux kernel allocated buffers for USB packets. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://www.openwall.com/lists/oss-security/2019/08/20/2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3450121997ce872eb7f1248417225827ea249710 https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html https://lists.debian.org/debian-l • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVE-2019-15222
https://notcve.org/view.php?id=CVE-2019-15222
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver. Se descubrió un problema en el kernel de Linux versiones anteriores a 5.2.8. Se presenta una desreferencia del puntero NULL causada por un dispositivo USB malicioso en el controlador sound/usb/helper.c (motu_microbookii). • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://www.openwall.com/lists/oss-security/2019/08/20/2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d78e1c2b7f4be00bbe62141603a631dc7812f35 https://security.netapp.com/advisory/ntap-20190905-0002 https://syzkaller.appspot.com/bug?id=3ec1dad62657fef222 • CWE-476: NULL Pointer Dereference •
CVE-2019-15223 – kernel: Null pointer dereference in the sound/usb/line6/driver.c
https://notcve.org/view.php?id=CVE-2019-15223
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. Se descubrió un problema en el kernel de Linux versiones anteriores a 5.1.8. Se presenta una desreferencia del puntero NULL causada por un dispositivo USB malicioso en el controlador sound/usb/line6/driver.c. A NULL pointer dereference flaw was found in the way the Line 6 POD USB driver in the Linux kernel handled disconnection. • http://www.openwall.com/lists/oss-security/2019/08/20/2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b074ab7fc0d575247b9cc9f93bb7e007ca38840 https://security.netapp.com/advisory/ntap-20190905-0002 https://syzkaller.appspot.com/bug?id=0c1e517c657d3de2361cb0cc2d3a8663c25039a7 https://usn.ubuntu.com/4147-1 https://access.redhat.com/security/cve/CVE-2019-15223 https://bugzilla.redhat.com/show_bug • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVE-2019-15118
https://notcve.org/view.php?id=CVE-2019-15118
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. La función check_input_term en el archivo sound/usb/mixer.c en el kernel de Linux versiones hasta 5.2.9, maneja inapropiadamente la recursión, conllevando al agotamiento de la pila del kernel. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git/commit/?id=19bce474c45be69a284ecee660aa12d8f1e88f18 https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html https:& • CWE-674: Uncontrolled Recursion •