CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19528 – kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver
https://notcve.org/view.php?id=CVE-2019-19528
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. En el kernel de Linux versiones anteriores a 5.3.7, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/usb/misc/iowarrior.c, también se conoce como CID-edc4746f253d. A use-after-free flaw was found in iowarrior_disconnect in iowarrior USB driver module were a flag was simultaneously modified causing a race between a device open and disconnect. This flaw could allow a physical attacker to cause a denial of service (DoS) attack. This vulnerability could even lead to a kernel information leak problem. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.7 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c468a8aa790e0dfe0a7f8a39db282d39c2c00b46 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=edc4746f253d907d048de680a621e121517f484b https://access.redhat.com/security/cve/CVE-2019-19528 https:/& • CWE-416: Use After Free •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2019-19529
https://notcve.org/view.php?id=CVE-2019-19529
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41. En el kernel de Linux versiones anteriores a 5.3.11, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/net/can/usb/mcba_usb.c, también se conoce como CID-4d6636498c41. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79 https://usn.ubuntu.com/4225-1 https://usn.ubuntu.com/4225-2 https://usn.ubuntu.com/4226-1 https://usn.ubuntu.com/4227-1 https://usn.ubuntu.com/4227-2 • CWE-416: Use After Free •
CVSS: 5.7EPSS: 0%CPEs: 3EXPL: 0CVE-2019-19530 – kernel: use-after-free caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver
https://notcve.org/view.php?id=CVE-2019-19530
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef. En el kernel de Linux versiones anteriores a 5.2.10, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/usb/class/cdc-acm.c, también se conoce como CID-c52873e5a1ef. A use-after-free flaw was found in the acm_probe USB subsystem in the Linux kernel. A race condition occurs when a destroy() procedure is initiated allowing the refcount to decrement on the interface so early that it is never under counted. A malicious USB device is required for exploit. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.10 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c52873e5a1ef72f845526d9f6a50704433f9c625 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://access.redhat.com/security/cve& • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-19531
https://notcve.org/view.php?id=CVE-2019-19531
In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca. En el kernel de Linux versiones anteriores a 5.2.9, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/usb/misc/yurex.c, también se conoce como CID-fc05481b2fca. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc05481b2fcabaaeccf63e32ac1baab54e5b6963 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19532 – kernel: malicious USB devices can lead to multiple out-of-bounds write
https://notcve.org/view.php?id=CVE-2019-19532
In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c. En el kernel de Linux versiones anteriores a 5.3.9, se presentan múltiples bugs de escritura fuera de límites que pueden ser causados ??por un dispositivo USB malicioso en el controlador del archivo HID del kernel de Linux, también se conoce como CID-d9d4b1e46d95. Esto afecta a los archivos drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d9d4b1e46d9543a82c23f6df03f4ad697dab361b https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://usn.ubuntu.com/4226-1 https&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •