CVE-2019-20810
https://notcve.org/view.php?id=CVE-2019-20810
go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. La función go7007_snd_init en el archivo driversdrivers/media/usb/go7007/snd-go7007.c en el kernel de Linux versiones anteriores a 5.6, no llama a snd_card_free para una ruta de fallo, lo que causa una pérdida de memoria, también se conoce como CID-9453264ef586. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9453264ef58638ce8976121ac44c07a3ef375983 https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html https://usn.ubuntu.com/4427-1 https://usn.ubuntu.com/4439-1 https://usn.ubuntu.com/4440 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2019-20806
https://notcve.org/view.php?id=CVE-2019-20806
An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75. Se descubrió un problema en el kernel de Linux versiones anteriores a la versión 5.2. Tiene una desreferencia del puntero NULL en la función tw5864_handle_frame() en el archivo drivers/media/pci/tw5864/tw5864-video.c, que puede causar una denegación de servicio, también se conoce como CID-2e7682ebfc75. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2e7682ebfc750177a4944eeb56e97a3f05734528 https://github.com/torvalds/linux/commit/2e7682ebfc750177a4944eeb56e97a3f05734528 https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://security.netapp.com/advisory/ntap-20200619-0001 https://www.debian.org/security/2020/dsa-4698 • CWE-476: NULL Pointer Dereference •
CVE-2020-12888 – Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario
https://notcve.org/view.php?id=CVE-2020-12888
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. El controlador VFIO PCI en el kernel de Linux versiones hasta 5.6.13, maneja inapropiadamente los intentos para acceder al espacio de memoria deshabilitado. A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the read/write devices' MMIO address space when it is disabled, some h/w devices issue an interrupt to the CPU to indicate a fatal error condition, crashing the system. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html http://www.openwall.com/lists/oss-security/2020/05/19/6 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •
CVE-2020-10711 – Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic
https://notcve.org/view.php?id=CVE-2020-10711
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711 https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://security.netapp.com/advisory/ntap-20200608-0001 https://usn.ubuntu.com/4411-1 https://usn.ubuntu.com/4412-1 https://usn.ubuntu.com/4413-1 https://usn.ubuntu.com/4414-1 https://usn.ubuntu& • CWE-476: NULL Pointer Dereference •
CVE-2020-12826 – kernel: possible to send arbitrary signals to a privileged (suidroot) parent process
https://notcve.org/view.php?id=CVE-2020-12826
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat. Se detectó un problema de control de acceso de señal en el kernel de Linux versiones anteriores a 5.6.5, se conoce como CID-7395ea4e65c2. • https://bugzilla.redhat.com/show_bug.cgi?id=1822077 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5 https://github.com/torvalds/linux/commit/7395ea4e65c2a00d23185a3f63ad315756ba9cef https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lists.openwall.net/linux-kernel/2020/03/24/1803 https://security.netapp.com/advisory/ntap-20200608-0001 https://usn.ubuntu.com/4367-1 https://u • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-190: Integer Overflow or Wraparound •