CVE-2019-15030 – kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception
https://notcve.org/view.php?id=CVE-2019-15030
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check. En el kernel de Linux versiones hasta 5.2.14 en la plataforma powerpc, un usuario local puede leer registros vectoriales de los procesos de otros usuarios por medio de una excepción Facility Unavailable. Para explotar la venerabilidad, un usuario local inicia una transacción (por medio de la instrucción de memoria transaccional de hardware tbegin) y entonces accede a los registros vectoriales. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://www.openwall.com/lists/oss-security/2019/09/10/3 https://access.redhat.com/errata/RHSA-2020:0740 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8205d5d98ef7f155de211f5e2eb6ca03d95a5a60 https://security.netapp.com/advisory/ntap-20191004-0001 https://usn.ubuntu.com/4135-1 https://usn.ubuntu.com/4135-2& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVE-2019-16089
https://notcve.org/view.php?id=CVE-2019-16089
An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value. Se detectó un problema en el kernel de Linux hasta la versión 5.2.13. nbd_genl_status en drivers/block/nbd.c no comprueba la validez del valor de retorno nla_nest_start_noflag. • https://lore.kernel.org/patchwork/patch/1106884 https://lore.kernel.org/patchwork/patch/1126650 https://security.netapp.com/advisory/ntap-20191004-0001 https://support.f5.com/csp/article/K03814795?utm_source=f5support&%3Butm_medium=RSS https://usn.ubuntu.com/4414-1 https://usn.ubuntu.com/4425-1 https://usn.ubuntu.com/4439-1 https://usn.ubuntu.com/4440-1 • CWE-476: NULL Pointer Dereference •
CVE-2017-18595 – kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
https://notcve.org/view.php?id=CVE-2017-18595
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. Se detectó un problema en el kernel de Linux versiones anteriores a 4.14.11. Una doble liberación puede ser causada por la función allocate_trace_buffer en el archivo kernel/trace/trace.c. A flaw was found in the allocate_trace_buffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4397f04575c44e1440ec2e49b6302785c95fd2f8 https://access.redhat.com/security/cve/CVE-2017-18595 https://bugzilla.redhat.com/show_bug.cgi?id=1758671 • CWE-415: Double Free CWE-416: Use After Free •
CVE-2019-15926
https://notcve.org/view.php?id=CVE-2019-15926
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. Se detectó un problema en el kernel de Linux versiones anteriores a 5.2.3. Se presenta un acceso fuera de límites en las funciones ath6kl_wmi_pstream_timeout_event_rx y ath6kl_wmi_cac_event_rx en el archivo drivers/net/wireless/ath/ath6kl/wmi.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d6751eaff672ea77642e74e92e6c0ac7f9709ab https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html https://lists.debian.org/debi • CWE-125: Out-of-bounds Read •
CVE-2018-21008
https://notcve.org/view.php?id=CVE-2018-21008
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. Se detectó un problema en el kernel de Linux versiones anteriores a 4.16.7. Puede ser causado un uso de la memoria previamente liberada mediante la función rsi_mac80211_detach en el archivo drivers/net/wireless/rsi/rsi_91x_mac80211.c. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.7 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=abd39c6ded9db53aa44c2540092bdd5fb6590fa8 https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html https:/& • CWE-416: Use After Free •