CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 1CVE-2019-3460 – kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP
https://notcve.org/view.php?id=CVE-2019-3460
03 Apr 2019 — A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. Se ha descubierto una fuga de información en múltiples ubicaciones en memoria dinámica, incluyendo L2CAP_GET_CONF_OPT en el kernel de Linux anterior a 5.1-rc1. A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical acc... • http://www.openwall.com/lists/oss-security/2019/06/27/2 • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0CVE-2019-3874 – kernel: SCTP socket buffer memory leak leading to denial of service
https://notcve.org/view.php?id=CVE-2019-3874
25 Mar 2019 — The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable. El búfer del socket SCTP utilizado por una aplicación de espacio de usuario no es tenido en cuenta por el subsistema de cgroups. Un atacante podría explotar este error para lanzar un ataque de denegación de servicio. • https://access.redhat.com/errata/RHSA-2019:3309 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9857
https://notcve.org/view.php?id=CVE-2019-9857
18 Mar 2019 — In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service. En el kernel de Linux hasta la versión 5.0.2, la función inotify_update_existing_watch() en fs/notify/inotify/inotify_user.c no llama a fsnotify_put_mark() con IN_MASK_CREATE tras fsnotify_find_mark(), lo que prov... • http://www.securityfocus.com/bid/107527 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 4CVE-2019-9213 – Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem
https://notcve.org/view.php?id=CVE-2019-9213
05 Mar 2019 — In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task. En el kernel de Linux, en versiones anteriores a la 4.20.14, expand_downwards en mm/mmap.c carece de una comprobación para la dirección mínima de mmap, lo que facilita que los atacantes exploten desreferencias de puntero NULL en el kernel en... • https://www.exploit-db.com/exploits/46502 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 3%CPEs: 12EXPL: 0CVE-2019-8980 – kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service
https://notcve.org/view.php?id=CVE-2019-8980
21 Feb 2019 — A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures. Una fuga de memoria en la función kernel_read_file en fs/exec.c en el kernel de Linux, hasta la versión 4.20.11, permite que los atacantes provoquen una denegación de servicio (consumo de memoria) desencadenando errores en vfs_read. A kernel memory leak was found in the kernel_read_file() function in the fs/exec.c ... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 1CVE-2019-7221 – Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
https://notcve.org/view.php?id=CVE-2019-7221
16 Feb 2019 — The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene un uso de memoria previamente liberada. A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. • http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 1CVE-2019-7222 – Kernel: KVM: leak of uninitialized stack contents to guest
https://notcve.org/view.php?id=CVE-2019-7222
16 Feb 2019 — The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene una fuga de información. An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory co... • http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 6%CPEs: 60EXPL: 3CVE-2019-6974 – Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference
https://notcve.org/view.php?id=CVE-2019-6974
15 Feb 2019 — In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. En el kernel de Linux en versiones anteriores a la 4.20.8, kvm_ioctl_create_device en virt/kvm/kvm_main.c gestiona de manera incorrecta el conteo de referencias debido a una condición de carrera, lo que conduce a un uso de memoria previamente liberada. A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor imp... • https://www.exploit-db.com/exploits/46388 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.6EPSS: 0%CPEs: 7EXPL: 0CVE-2019-7308 – Linux Insufficient eBPF Spectre V1 Mitigation
https://notcve.org/view.php?id=CVE-2019-7308
01 Feb 2019 — kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. En el kernel de Linux, en versiones anteriores a la 4.20.6, "kernel/bpf/verifier.c" realiza especulaciones fuera de límites no deseables en la aritmética de punteros en varias ocasiones, incluyendo casos de diferentes ramas con distintos estados o límite... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=979d63d50c0c0f7bc537bf821e056cc9fe5abd38 • CWE-189: Numeric Errors •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10741 – kernel: race condition between direct and memory-mapped I/O in fs/xfs/xfs_aops.c
https://notcve.org/view.php?id=CVE-2016-10741
01 Feb 2019 — In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure. En el kernel de Linux, en versiones anteriores a la 4.9.3, "fs/xfs/xfs_aops.c" permite a los usuarios locales provocar una denegación de servicio (cierre inesperado del sistema) debido a que hay una condición de carrera entre el I/O directo y el ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04197b341f23b908193308b8d63d17ff23232598 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-369: Divide By Zero •