Page 380 of 2783 results (0.009 seconds)

CVSS: 4.7EPSS: 0%CPEs: 40EXPL: 0

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b. Una pérdida de memoria en la función cx23888_ir_probe() en el archivo drivers/media/pci/cx23885/cx23888-ir.c en el kernel de Linux versiones hasta la versión 5.3.11, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la función de kfifo_alloc(), también se conoce como CID-a7b2df76b42b. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T https://security.netapp.com/advisory/ntap-20191205-0001 https://usn.ubuntu.com/4525-1 https://usn.ubuntu.com/4526-1 https:/ • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7. Una pérdida de memoria en la función i2400m_op_rfkill_sw_toggle() en el archivo drivers/net/wimax/i2400m/op-rfkill.c en el kernel de Linux versiones anteriores a la versión 5.3.11, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-6f3ef5c25cc7. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11 https://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://security.netapp.com/advisory/ntap-20191205-0001 https://usn.ubuntu.com/4225-1 https://usn.ubuntu.com/4225-2 https://usn.ubunt • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot Una pérdida de memoria en la función unittest_data_add() en el archivo drivers/of/unittest.c en el kernel de Linux versiones anteriores a la versión 5.3.10, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la función de_fdt_unflatten_tree(), también se conoce como CID-e13de8fe0d6a. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html https://bugzilla.suse.com/show_bug.cgi?id=1157173 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.10 https://github.com/torvalds/linux/commit/e13de8fe0d6a51341671bbe384826d527afe8d44 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5. Una pérdida de memoria en la función mlx5_fw_fatal_reporter_dump() en el archivo drivers/net/ethernet/mellanox/mlx5/core/health.c en el kernel de Linux versiones anteriores a la versión 5.3.11, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la función mlx5_crdump_collect(), también se conoce como CID-c7ed6d0183d5. A flaw was found in the way the Mellanox 5th generation network adapters (ConnectX series) core driver in the Linux kernel handled resource cleanup in the mlx5_fw_fatal_reporter_dump function. This flaw allows an attacker with the ability to trigger errors in the mlx5_crdump_collect function to crash the system. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11 https://github.com/torvalds/linux/commit/c7ed6d0183d5ea9bc31bcaeeba4070bd62546471 https://security.netapp.com/advisory/ntap-20191205-0001 https://usn.ubuntu.com/4225-1 https://access.redhat.com/security/cve/CVE-2019-19047 https://bugzilla.redhat.com/show_bug.cgi?id=1774991 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0

A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time ** EN DISPUTA ** Una pérdida de memoria en la función __ipmi_bmc_register() en el archivo drivers/char/ipmi/ipmi_msghandler.c en el kernel de Linux versiones hasta la versión 5.3.11, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar un fallo de la función ida_simple_get (), también se conoce como CID-4aa7afb0ee20. NOTA: terceros discuten la relevancia de esto porque un atacante no puede controlar de manera realista esta falla en el momento de la investigación. A memory leak problem was found in __ipmi_bmc_register in drivers/char/ipmi/ipmi_msghandler.c in Intelligent Platform Management Interface (IPMI) which is used for incoming and outgoing message routing purpose. This flaw may allow an attacker with minimal privilege to cause a denial of service by triggering ida_simple_get() failure. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html https://bugzilla.suse.com/show_bug.cgi?id=1157304 https://github.com/torvalds/linux/commit/4aa7afb0ee20a97fbf0c5bab3df028d5fb85fdab https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T https://usn.ubuntu.com/4302-1 https://usn.ubuntu.com/4319-1 https://u • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •