CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 2CVE-2019-15794 – Reference counting error in overlayfs/shiftfs error path when used in conjuction with aufs
https://notcve.org/view.php?id=CVE-2019-15794
12 Nov 2019 — Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vm... • https://packetstorm.news/files/id/155249 • CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2243
https://notcve.org/view.php?id=CVE-2010-2243
07 Nov 2019 — A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS. Se presenta una vulnerabilidad en el archivo kernel/time/clocksource.c en el kernel de Linux versiones anteriores a 2.6.34, donde en sistemas non-GENERIC_TIME (GENERIC_TIME=n), acceder a /sys/devices/system/clocksource/clocksource0/current_clocksource resulta en un OOPS. • https://access.redhat.com/security/cve/cve-2010-2243 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18806
https://notcve.org/view.php?id=CVE-2019-18806
07 Nov 2019 — A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f. Una pérdida de memoria en la función ql_alloc_large_buffers() en el archivo drivers/net/ethernet/qlogic/qla3xxx.c en el kernel de Linux versiones anteriores a 5.3.5, permite a usuarios locales causar una denegación de servicio (consumo de memor... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18807
https://notcve.org/view.php?id=CVE-2019-18807
07 Nov 2019 — Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11. Dos fugas de memoria en la función sja1105_static_config_upload() en el archivo drivers/net/dsa/sja1105/sja1105_spi.c en el kernel de Linux versiones anteriores a 5.3.5, permiten a atacantes causar u... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-18808 – kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
https://notcve.org/view.php?id=CVE-2019-18808
07 Nov 2019 — A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247. Una pérdida de memoria en la función ccp_run_sha_cmd() en el archivo drivers/crypto/ccp/ccp-ops.c en el kernel de Linux versiones hasta 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-128c66429247. A flaw was found in the AMD Cryptographic Co-pro... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0CVE-2019-18809 – kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c
https://notcve.org/view.php?id=CVE-2019-18809
07 Nov 2019 — A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559. Una pérdida de memoria en la función af9005_identify_state() en el archivo drivers/media/usb/dvb-usb/af9005.c en el kernel de Linux versiones hasta 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-2289adbfa559. A flaw was found in the ... • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-18810 – Ubuntu Security Notice USN-4208-1
https://notcve.org/view.php?id=CVE-2019-18810
07 Nov 2019 — A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d. Una pérdida de memoria en la función komeda_wb_connector_add() en el archivo drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c en el kernel de Linux versiones anteriores a 5.3.8, permite a atacantes causar una de... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-18811 – kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c
https://notcve.org/view.php?id=CVE-2019-18811
07 Nov 2019 — A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1. Una pérdida de memoria en la función sof_set_get_large_ctrl_data() en el archivo sound/soc/sof/ipc.c en el kernel de Linux versiones hasta 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria) mediante la activación de fallos d... • https://github.com/torvalds/linux/commit/45c1380358b12bf2d1db20a5874e9544f56b34ab • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18812
https://notcve.org/view.php?id=CVE-2019-18812
07 Nov 2019 — A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef. Una pérdida de memoria en la función sof_dfsentry_write() en el archivo sound/soc/sof/debug.c en el kernel de Linux versiones hasta de 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-c0a333d842ef. • https://github.com/torvalds/linux/commit/c0a333d842ef67ac04adc72ff79dc1ccc3dca4ed • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-18813 – Ubuntu Security Notice USN-4225-2
https://notcve.org/view.php?id=CVE-2019-18813
07 Nov 2019 — A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8. Una pérdida de memoria en la función dwc3_pci_probe() en el archivo drivers/usb/dwc3/dwc3-pci.c en el kernel de Linux versiones hasta 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria) mediante la activación de fallos de la... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9bbfceea12a8f145097a27d7c7267af25893c060 • CWE-401: Missing Release of Memory after Effective Lifetime •