CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18550
https://notcve.org/view.php?id=CVE-2017-18550
19 Aug 2019 — An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure. Se detectó un problema en el archivo drivers/scsi/aacraid/commctrl.c en el kernel de Linux versiones anteriores a 4.13. Se presenta una exposición potencial de la memoria de pila del Kernel porque la función aac_get_hba_info no inicializa la estructura de hbainfo. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=342ffc26693b528648bdc9377e51e4f2450b4860 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10907
https://notcve.org/view.php?id=CVE-2016-10907
19 Aug 2019 — An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755_parse_dt. Se descubrió un problema en el archivo drivers/iio/dac/ad5755.c en el kernel de Linux versiones anteriores a 4.8.6. Se presenta una escritura fuera de límites en la función ad5755_parse_dt. • https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.6 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2017-18551 – kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c
https://notcve.org/view.php?id=CVE-2017-18551
19 Aug 2019 — An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated. Se detectó un problema en el archivo drivers/i2c/i2c-core-smbus.c en el kernel de Linux versiones anteriores a 4.14.15. Se presenta una escritura fuera de límites en la función i2c_smbus_xfer_emulated. An out of bounds (OOB) memory access flaw was found in i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c in I2C subsystem. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18552
https://notcve.org/view.php?id=CVE-2017-18552
19 Aug 2019 — An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency. Se detectó un problema en el archivo net/rds/af_rds.c en el kernel de Linux versiones anteriores a 4.11. Se presenta una escritura y lectura fuera de límites en la función rds_recv_track_latency. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=780e982905bef61d13496d9af5310bf4af3a64d3 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15117
https://notcve.org/view.php?id=CVE-2019-15117
16 Aug 2019 — parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. La función parse_audio_mixer_unit en el archivo sound/usb/mixer.c en el kernel de Linux versiones hasta 5.2.9, maneja inapropiadamente un descriptor corto, conllevando a un acceso a la memoria fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0CVE-2019-15118
https://notcve.org/view.php?id=CVE-2019-15118
16 Aug 2019 — check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. La función check_input_term en el archivo sound/usb/mixer.c en el kernel de Linux versiones hasta 5.2.9, maneja inapropiadamente la recursión, conllevando al agotamiento de la pila del kernel. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-674: Uncontrolled Recursion •
CVSS: 4.9EPSS: 0%CPEs: 12EXPL: 0CVE-2019-15098
https://notcve.org/view.php?id=CVE-2019-15098
16 Aug 2019 — drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. El archivo drivers/net/wireless/ath/ath6kl/usb.c en el kernel de Linux versiones hasta 5.2.9 presenta una desreferencia del puntero NULL mediante una dirección incompleta en un descriptor de endpoint. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.7EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15090 – kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure
https://notcve.org/view.php?id=CVE-2019-15090
15 Aug 2019 — An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read. Se detectó un problema en el archivo drivers/scsi/qedi/qedi_dbg.c en el kernel de Linux versiones anteriores a 5.1.12. En la familia de funciones qedi_dbg_*, se presenta una lectura fuera de límites. An out-of-bounds (OOB) memory access flaw was found in the Qlogic ISCSI module in the Linux kernel's qedi_dbg_* family of functions in drivers/scsi/qe... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2017-18509
https://notcve.org/view.php?id=CVE-2017-18509
13 Aug 2019 — An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part ... • http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-10207 – kernel: null-pointer dereference in hci_uart_set_flow_control
https://notcve.org/view.php?id=CVE-2019-10207
12 Aug 2019 — A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash. Se encontró un fallo en la implementación Bluetooth del kernel de Linux de UART, todas las versiones del kernel 3.x.x anteriores a 4.18.0 y kernel 5.x.x. Un atacante con acceso local y permisos de escrit... • https://github.com/butterflyhack/CVE-2019-10207 • CWE-476: NULL Pointer Dereference •