CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-15919 – kernel: use-after-free in SMB2_write function in fs/cifs/smb2pdu.c
https://notcve.org/view.php?id=CVE-2019-15919
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.10. La función SMB2_write en el archivo fs/cifs/smb2pdu.c presenta un uso de la memoria previamente liberada. An flaw was discovered in the Linux kernel's CIFS client implementation. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10 https://github.com/torvalds/linux/commit/6a3eb3360667170988f8a6477f6686242061488a https://security.netapp.com/advisory/ntap-20191004-0001 https://access.redhat.com/security/cve/CVE-2019-15919 https://bugzilla.redhat.com/show_bug.cgi?id=1750410 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1CVE-2019-15920 – kernel: use-after-free information leak in SMB2_read
https://notcve.org/view.php?id=CVE-2019-15920
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.10. La función SMB2_read en el archivo fs/cifs/smb2pdu.c presenta un uso de la memoria previamente liberada. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10 https://github.com/torvalds/linux/commit/088aaf17aa79300cab14dbee2569c58cfafd7d6e https://security.netapp.com/advisory/ntap-20191004-0001 https://access.redhat.com/security/cve/CVE-2019-15920 https://bugzilla.redhat.com/show_bug.cgi?id=1760864 • CWE-416: Use After Free •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 1CVE-2019-15921 – kernel: memory leak in genl_register_family() in net/netlink/genetlink.c
https://notcve.org/view.php?id=CVE-2019-15921
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.6. Se presenta un problema de pérdida de memoria cuando la función idr_alloc() presenta un fallo en la función genl_register_family() en el archivo net/netlink/genetlink.c. A flaw was found in the genl_register_family function in the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.6 https://github.com/torvalds/linux/commit/ceabee6c59943bdd5e1da1a6a20dc7ee5f8113a2 https://security.netapp.com/advisory/ntap-20191004-0001 https://access.redhat.com/security/cve/CVE-2019-15921 https://bugzilla.redhat.com/show_bug.cgi?id=1760958 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-15922
https://notcve.org/view.php?id=CVE-2019-15922
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.9. Se presenta una desreferencia del puntero NULL para una estructura de datos pf si la función alloc_disk presenta un fallo en el archivo drivers/block/paride/pf.c. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.9 https://github.com/torvalds/linux/commit/58ccd2d31e502c37e108b285bf3d343eb00c235b https://security.netapp.com/advisory/ntap-20191004-0001 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-15923
https://notcve.org/view.php?id=CVE-2019-15923
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c. Se detectó un problema en el kernel de Linux versiones anteriores a 5.0.9. Se presenta una desreferencia del puntero NULL para una estructura de datos cd si la función alloc_disk presenta un fallo en el archivo drivers/block/paride/pf.c. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.9 https://github.com/torvalds/linux/commit/f0d1762554014ce0ae347b9f0d088f2c157c8c72 https://security.netapp.com/advisory/ntap-20191004-0001 • CWE-476: NULL Pointer Dereference •