CVE-2019-15927 – kernel: out-of-bounds in function build_audio_procunit in sound/usb/mixer.c
https://notcve.org/view.php?id=CVE-2019-15927
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. Se detectó un problema en el kernel de Linux versiones anteriores a 4.20.2. Se presenta un acceso fuera de límites en la función build_audio_procunit en el archivo sound/usb/mixer.c. An out-of-bounds flaw was found in the ALSA usb-audio subsystem in the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f4351a199cc120ff9d59e06d02e8657d08e6cc46 https://security.netapp.com/advisory/ntap-20191004-0001 https://access.redhat.com/security/cve/CVE-2019-15927 https://bugzilla.redhat.com/show_bug.cgi?id=1759059 • CWE-125: Out-of-bounds Read •
CVE-2019-15919 – kernel: use-after-free in SMB2_write function in fs/cifs/smb2pdu.c
https://notcve.org/view.php?id=CVE-2019-15919
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.10. La función SMB2_write en el archivo fs/cifs/smb2pdu.c presenta un uso de la memoria previamente liberada. An flaw was discovered in the Linux kernel's CIFS client implementation. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10 https://github.com/torvalds/linux/commit/6a3eb3360667170988f8a6477f6686242061488a https://security.netapp.com/advisory/ntap-20191004-0001 https://access.redhat.com/security/cve/CVE-2019-15919 https://bugzilla.redhat.com/show_bug.cgi?id=1750410 • CWE-416: Use After Free •
CVE-2019-15920 – kernel: use-after-free information leak in SMB2_read
https://notcve.org/view.php?id=CVE-2019-15920
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.10. La función SMB2_read en el archivo fs/cifs/smb2pdu.c presenta un uso de la memoria previamente liberada. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10 https://github.com/torvalds/linux/commit/088aaf17aa79300cab14dbee2569c58cfafd7d6e https://security.netapp.com/advisory/ntap-20191004-0001 https://access.redhat.com/security/cve/CVE-2019-15920 https://bugzilla.redhat.com/show_bug.cgi?id=1760864 • CWE-416: Use After Free •
CVE-2019-15921 – kernel: memory leak in genl_register_family() in net/netlink/genetlink.c
https://notcve.org/view.php?id=CVE-2019-15921
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.6. Se presenta un problema de pérdida de memoria cuando la función idr_alloc() presenta un fallo en la función genl_register_family() en el archivo net/netlink/genetlink.c. A flaw was found in the genl_register_family function in the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.6 https://github.com/torvalds/linux/commit/ceabee6c59943bdd5e1da1a6a20dc7ee5f8113a2 https://security.netapp.com/advisory/ntap-20191004-0001 https://access.redhat.com/security/cve/CVE-2019-15921 https://bugzilla.redhat.com/show_bug.cgi?id=1760958 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2019-15922
https://notcve.org/view.php?id=CVE-2019-15922
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.9. Se presenta una desreferencia del puntero NULL para una estructura de datos pf si la función alloc_disk presenta un fallo en el archivo drivers/block/paride/pf.c. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.9 https://github.com/torvalds/linux/commit/58ccd2d31e502c37e108b285bf3d343eb00c235b https://security.netapp.com/advisory/ntap-20191004-0001 • CWE-476: NULL Pointer Dereference •