CVE-2019-18786
https://notcve.org/view.php?id=CVE-2019-18786
In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem. En el kernel de Linux versiones hasta 5.3.8, f->fmt.sdr.reserved no se inicializa en la función rcar_drif_g_fmt_sdr_cap en el archivo drivers/media/platform/rcar_drif.c, lo que podría causar un problema de divulgación de memoria. • https://patchwork.linuxtv.org/patch/59542 https://usn.ubuntu.com/4284-1 https://usn.ubuntu.com/4285-1 https://usn.ubuntu.com/4287-1 https://usn.ubuntu.com/4287-2 • CWE-908: Use of Uninitialized Resource •
CVE-2019-17666 – kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow
https://notcve.org/view.php?id=CVE-2019-17666
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. En la función rtl_p2p_noa_ie en el archivo drivers/net/wireless/realtek/rtlwifi/ps.c en el kernel de Linux versiones hasta 5.3.6, carece de una cierta comprobación de límite superior, lo que conlleva a un desbordamiento del búfer. A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct (or WiFi peer-to-peer) driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network connectivity radio range can exploit a flaw in the WiFi-direct protocol known as "Notice of Absence" by creating specially crafted frames which can then corrupt kernel memory as the upper bounds on the length of the frame is unchecked and supplied by the incoming packet. • https://github.com/uthrasri/CVE-2019-17666 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html https://access.redhat.com/errata/RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0543 https://access.redhat.com/errata/RHSA-2020:0661 https://access.redhat.com/errata/RHSA-2020:0740 https://arstechnica.com/information-technology/2019/10 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2019-17351
https://notcve.org/view.php?id=CVE-2019-17351
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7. Se detectó un problema en el archivo drivers/xen/balloon.c en el kernel de Linux versiones anteriores a 5.2.3, como es usado en Xen versiones hasta 4.12.x, permitiendo a usuarios del sistema operativo invitado causar una denegación de servicio debido al consumo de recursos sin restricciones durante la asignación de la memoria de invitado , también se conoce como CID-6ef36ab967c7. • http://www.openwall.com/lists/oss-security/2019/10/25/9 http://xenbits.xen.org/xsa/advisory-300.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 https://github.com/torvalds/linux/commit/6ef36ab967c71690ebe7e5ef997a8be4da3bc844 https://security.netapp.com/advisory/ntap-20191031-0005 https://usn.ubuntu.com/4286-1 https://usn.ubuntu.com/4286-2 https://xenbits.xen.org/xsa/advisory-300.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2019-17053 – kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol
https://notcve.org/view.php?id=CVE-2019-17053
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. ieee802154_create en net / ieee802154 / socket.c en el módulo de red AF_IEEE802154 en el kernel de Linux hasta la versión 5.3.2 no aplica CAP_NET_RAW, lo que significa que los usuarios no privilegiados pueden crear un socket en bruto, también conocido como CID-e69dbd4619e7. A vulnerability was discovered in the Linux kernel's AF_IEEE802154 networking module where permissions checks are not enforced. This can allow an unprivileged user to create raw sockets for this protocol leading to the potential for data leaks or system unavailability. • http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e69dbd4619e7674c1679cba49afd9dd9ac347eef https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.fedoraproject.org/archives • CWE-250: Execution with Unnecessary Privileges CWE-276: Incorrect Default Permissions •
CVE-2019-17054
https://notcve.org/view.php?id=CVE-2019-17054
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c. La función atalk_create en el archivo net/appletalk/ddp.c en el módulo de red AF_APPLETALK en el kernel de Linux versiones hasta 5.3.2 no aplica CAP_NET_RAW, lo que significa que los usuarios no privilegiados pueden crear un socket en bruto, también se conoce como CID-6cc03e8aa36c. • http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cc03e8aa36c51f3b26a0d21a3c4ce2809c842ac https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.fedoraproject.org/archives • CWE-276: Incorrect Default Permissions •