CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 2CVE-2019-20794
https://notcve.org/view.php?id=CVE-2019-20794
09 May 2020 — An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion. Se detectó un problema en el kernel de Linux versiones 4.18 hasta 5.6... • http://www.openwall.com/lists/oss-security/2020/08/24/1 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 35EXPL: 0CVE-2020-10690 – kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open
https://notcve.org/view.php?id=CVE-2020-10690
08 May 2020 — There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointe... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 17EXPL: 1CVE-2020-12659 – kernel: xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write which could result in crash and data coruption
https://notcve.org/view.php?id=CVE-2020-12659
05 May 2020 — An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation. Se detectó un problema en el kernel de Linux versiones anteriores a 5.6.7. En la función xdp_umem_reg en el archivo net/xdp/xdp_umem.c se presenta una escritura fuera de límites (por un usuario con la capacidad CAP_NET_ADMIN) debido a una falta de comprobación del headroom. An out-of-bounds (OOB) memory... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12657 – kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body
https://notcve.org/view.php?id=CVE-2020-12657
05 May 2020 — An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body. Se detectó un problema en el kernel de Linux versiones anteriores a 5.6.5. Se presenta un uso de la memoria previamente liberada en el archivo block/bfq-iosched.c relacionado con la función bfq_idle_slice_timer_body. A flaw was found in the Linux kernel's implementation of the BFQ IO scheduler. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-12656 – Ubuntu Security Notice USN-4485-1
https://notcve.org/view.php?id=CVE-2020-12656
05 May 2020 — gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they li... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12655 – kernel: sync of excessive duration via an XFS v5 image with crafted metadata
https://notcve.org/view.php?id=CVE-2020-12655
05 May 2020 — An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767. Se detectó un problema en la función xfs_agf_verify en el archivo fs/xfs/libxfs/xfs_alloc.c en el kernel de Linux versiones hasta 5.6.10. Los atacantes pueden desencadenar una sincronización de duración excesiva por medio de una imagen XFS v5 con metadatos diseñados, también se conoce com... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12654 – kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c
https://notcve.org/view.php?id=CVE-2020-12654
05 May 2020 — An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591. Se detectó un problema en el kernel de Linux versiones anteriores a 5.5.4. En la función mwifiex_ret_wmm_get_status() en el archivo drivers/net/wireless/marvell/mwifiex/wmm.c permite a un AP remoto desencadenar un desbordamiento del búfer en la región heap de la memoria debi... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 36EXPL: 0CVE-2020-12653 – kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c
https://notcve.org/view.php?id=CVE-2020-12653
05 May 2020 — An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. Se detectó un problema en el kernel de Linux versiones anteriores a 5.5.4. La función mwifiex_cmd_append_vsie_tlv() en el archivo drivers/net/wireless/marvell/mwifiex/scan.c permite a usuarios locales alcanzar privilegios o causar u... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 18EXPL: 0CVE-2020-12465 – kernel: buffer overflow in mt76_add_fragment function in drivers/net/wireless/mediatek/mt76/dma.c
https://notcve.org/view.php?id=CVE-2020-12465
29 Apr 2020 — An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages. Se descubrió un desbordamiento de matriz en la función mt76_add_fragment en el archivo drivers/net/wireless/mediatek/mt76/dma.c en el kernel de Linux versiones anteriores a la versión 5.5.10, también se conoce como CID-b102f0c522cf. Un paquete de gran tamaño con muchos fr... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.10 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.2EPSS: 0%CPEs: 23EXPL: 1CVE-2020-12464 – kernel: use-after-free in usb_sg_cancel function in drivers/usb/core/message.c
https://notcve.org/view.php?id=CVE-2020-12464
29 Apr 2020 — usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. a función usb_sg_cancel en el archivo drivers/usb/core/message.c en el kernel de Linux versiones anteriores a la versión 5.6.8, tiene un uso de la memoria previamente liberada porque se produce una transferencia sin una referencia, también se conoce como CID-056ad39ee925. A use-after-free flaw was found in usb_sg_cancel in drivers/usb/core/mes... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-416: Use After Free •