CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2019-19069 – Ubuntu Security Notice USN-4208-1
https://notcve.org/view.php?id=CVE-2019-19069
18 Nov 2019 — A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. Una pérdida de memoria en la función fastrpc_dma_buf_attach() en el archivo drivers/misc/fastrpc.c en el kernel de Linux versiones anteriores a la versión 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la f... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2019-19053 – Ubuntu Security Notice USN-4300-1
https://notcve.org/view.php?id=CVE-2019-19053
18 Nov 2019 — A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2. Una pérdida de memoria en la función rpmsg_eptdev_write_iter() en el archivo drivers/rpmsg/rpmsg_char.c en el kernel de Linux versiones hasta la versión 5.3.11, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fall... • https://github.com/torvalds/linux/commit/bbe692e349e2a1edf3fe0a29a0e05899c9c94d51 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 5%CPEs: 26EXPL: 0CVE-2019-19050 – Ubuntu Security Notice USN-4258-1
https://notcve.org/view.php?id=CVE-2019-19050
18 Nov 2019 — A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. Una pérdida de memoria en la función crypto_reportstat() en el archivo crypto/crypto_user_stat.c en el kernel de Linux versiones hasta 5.3.11, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la función crypto... • http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18812
https://notcve.org/view.php?id=CVE-2019-18812
07 Nov 2019 — A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef. Una pérdida de memoria en la función sof_dfsentry_write() en el archivo sound/soc/sof/debug.c en el kernel de Linux versiones hasta de 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-c0a333d842ef. • https://github.com/torvalds/linux/commit/c0a333d842ef67ac04adc72ff79dc1ccc3dca4ed • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.0EPSS: 0%CPEs: 31EXPL: 4CVE-2019-18683 – Slackware Security Advisory - Slackware 14.2 kernel Updates
https://notcve.org/view.php?id=CVE-2019-18683
04 Nov 2019 — An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corres... • https://github.com/sanjana123-cloud/CVE-2019-18683 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 60EXPL: 0CVE-2019-14821 – Kernel: KVM: OOB memory access via mmio ring buffer
https://notcve.org/view.php?id=CVE-2019-14821
19 Sep 2019 — An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potenti... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-15099 – kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash
https://notcve.org/view.php?id=CVE-2019-15099
16 Aug 2019 — drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. El archivo drivers/net/wireless/ath/ath10k/usb.c en el kernel de Linux versiones hasta 5.2.8, presenta una desreferencia del puntero NULL por medio de una dirección incompleta en un descriptor de endpoint. A null pointer dereference flaw was discovered in the Linux kernel's implementation of the ath10k USB device driver. The vulnerability requires the at... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-10207 – kernel: null-pointer dereference in hci_uart_set_flow_control
https://notcve.org/view.php?id=CVE-2019-10207
12 Aug 2019 — A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash. Se encontró un fallo en la implementación Bluetooth del kernel de Linux de UART, todas las versiones del kernel 3.x.x anteriores a 4.18.0 y kernel 5.x.x. Un atacante con acceso local y permisos de escrit... • https://github.com/butterflyhack/CVE-2019-10207 • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 15EXPL: 0CVE-2014-0069 – kernel: cifs: incorrect handling of bogus user pointers during uncached writes
https://notcve.org/view.php?id=CVE-2014-0069
28 Feb 2014 — The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. La función cifs_iovec_write en fs/cifs/file.c en el kernel de Linux hasta 3.13.5 no maneja debidamente opera... • http://article.gmane.org/gmane.linux.kernel.cifs/9401 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0886
https://notcve.org/view.php?id=CVE-2001-0886
21 Dec 2001 — Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. Desbordamiento de buffer en la función glob de glibc para Red Hat Linux 6.2 a 7.2, y otros sistemas operativos, permite a atacantes causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrarios mediante un patrón de glob que acaba en una llave "{" • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000447 •