Page 268 of 2766 results (0.022 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-19543 – kernel: use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c

https://notcve.org/view.php?id=CVE-2019-19543

In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c. En el kernel de Linux versiones anteriores a 5.1.6, se presenta un uso de la memoria previamente liberada en la función serial_ir_init_module() en el archivo drivers/media/rc/serial_ir.c. A flaw was found in the Linux kernel’s infrared serial module. An attacker could use this flaw to corrupt memory and possibly escalate privileges. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=56cd26b618855c9af48c8301aa6754ced8dd0beb https://security.netapp.com/advisory/ntap-20200924-0005 https://access.redhat.com/security/cve/CVE-2019-19543 https://bugzilla.redhat.com/show_bug.cgi?id=1781810 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-19523 – kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver

https://notcve.org/view.php?id=CVE-2019-19523

In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79. En el kernel de Linux versiones anteriores a 5.3.7, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del drivers/usb/misc/adutux.c, también se conoce como CID-44efc269db79. A flaw was found in the Linux kernel’s implementation for ADU devices from Ontrak Control Systems, where an attacker with administrative privileges and access to a local account could pre-groom the memory and physically disconnect or unload a module. The attacker must be able to access either of these two events to trigger the use-after-free, and then race the access to the use-after-free, to create a situation where key USB structs can be manipulated into corrupting memory. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.7 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=44efc269db7929f6275a1fa927ef082e533ecde0 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://access.redhat.com/security/cve&# • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •

CVSS: 4.9EPSS: 0%CPEs: 7EXPL: 0

CVE-2019-19524 – kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free

https://notcve.org/view.php?id=CVE-2019-19524

In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9. En el kernel de Linux versiones anteriores a 5.3.12, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/input/ff-memless.c, también se conoce como CID-fa3a5a1880c9. A use-after-free flaw was found in the Linux kernel’s input device driver functionality when unplugging a device. A user with physical access could use this flaw to crash the system. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.12 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa3a5a1880c91bb92594ad42dfe9eedad7996b86 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https:/ • CWE-416: Use After Free •

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-19525

https://notcve.org/view.php?id=CVE-2019-19525

In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035. En el kernel de Linux versiones anteriores a 5.3.6, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/net/ieee802154/atusb.c, también se conoce como CID-7fd25e6fc035. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fd25e6fc035f4b04b75bca6d7e8daa069603a76 https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html • CWE-416: Use After Free •

CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-19526

https://notcve.org/view.php?id=CVE-2019-19526

In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098. En el kernel de Linux versiones anteriores a 5.3.9, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/nfc/pn533/usb.c, también se conoce como CID-6af3aa57a098. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6af3aa57a0984e061f61308fe181a9a12359fecc https://usn.ubuntu.com/4226-1 • CWE-416: Use After Free •