CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2019-18609 – librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2019-18609
An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer. Se detectó un problema en la función amqp_handle_input en el archivo amqp_connection.c en rabbitmq-c versión 0.9.0. • https://github.com/alanxz/rabbitmq-c/blob/master/ChangeLog.md https://github.com/alanxz/rabbitmq-c/commit/fc85be7123050b91b054e45b91c78d3241a5047a https://lists.debian.org/debian-lts-announce/2019/12/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WA7CPNVYMF6OQNIYNLWUY6U2GTKFOKH3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQER6XTKYMHNQR7QTHW7DJAH645WQROU https://news.ycombinator.com/item?id=21681976 https://security.gentoo.or • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2019-19462
https://notcve.org/view.php?id=CVE-2019-19462
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. La función relay_open en el archivo kernel/relay.c en el kernel de Linux versiones hasta 5.4.1, permite a usuarios locales causar una denegación de servicio (tal y como un bloqueo de retransmisión) al desencadenar un resultado NULL de alloc_percpu. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lore.kernel.org/lkml/20191129013745.7168-1-dja%40axtens.net https://security.netapp.com/advisory/ntap-20210129-0004 https://syzkaller-ppc64.appspot.com/bug?id=1c09906c83a8ea811a9e318c2a4f8e243becc6f8 https://syzkaller-ppc64.appspot.com/bug?id=b05b4d005191cc375cdf848c3d4d980308d50531 https://syzkaller&# • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 2%CPEs: 13EXPL: 0CVE-2019-14901 – kernel: heap overflow in marvell/mwifiex/tdls.c
https://notcve.org/view.php?id=CVE-2019-14901
A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html https://access.redhat.com/errata/RHSA-2020:0204 https://access.redhat.com/errata/RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0374 https://access.redhat.com/errata/RHSA- • CWE-122: Heap-based Buffer Overflow CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 0CVE-2019-14897
https://notcve.org/view.php?id=CVE-2019-14897
A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA. Se encontró un desbordamiento de búfer en la región stack de la memoria en el kernel de Linux, versión kernel-2.6.32, en el controlador del chip WiFi de Marvell. Un atacante es capaz de causar una denegación de servicio (bloqueo del sistema) o, posiblemente, ejecutar código arbitrario, cuando una STA funciona en modo IBSS (permite conectar estaciones juntas sin el uso de un AP) y se conecta a otra STA. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14897 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.fedoraproject.org/archives/list& • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 15EXPL: 0CVE-2019-14895 – kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
https://notcve.org/view.php?id=CVE-2019-14895
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code. Se detectó un desbordamiento de búfer en la región heap de la memoria en el kernel de Linux, todas las versiones 3.x.x y versiones 4.x.x anteriores a 4.18.0, en el controlador del chip WiFi de Marvell. El fallo podría presentarse cuando la estación intenta una negociación de conexión durante el manejo de la configuración country de dispositivos remotos. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html https://access.redhat.com/errata/RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0374 https://access.redhat.com/errata/RHSA-2020:0375 https://access.redhat.com/errata/RHSA- • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •