CVSS: 7.8EPSS: 83%CPEs: 43EXPL: 29CVE-2019-13272 – Linux Kernel Improper Privilege Management Vulnerability
https://notcve.org/view.php?id=CVE-2019-13272
16 Jul 2019 — In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect mar... • https://packetstorm.news/files/id/165051 • CWE-271: Privilege Dropping / Lowering Errors •
CVSS: 9.8EPSS: 0%CPEs: 45EXPL: 0CVE-2019-10126 – kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c
https://notcve.org/view.php?id=CVE-2019-10126
14 Jun 2019 — A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences. Se encontró un defecto en el kernel de Linux. Un desbordamiento de búfer en la región heap de la memoria en la función mwifiex_uap_parse_tail_ies en el archivo drivers/net/wireless/marvell/mwifiex/ie.c, podría provocar corrupción de la memoria y posiblemente otras consecuencias. A flaw was found... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2019-11833 – kernel: fs/ext4/extents.c leads to information disclosure
https://notcve.org/view.php?id=CVE-2019-11833
15 May 2019 — fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. fs / ext4 / extents.c en el kernel de Linux hasta 5.1.2 no pone a cero la región de memoria no utilizada en el bloque del árbol de extensión, lo que podría permitir a los usuarios locales obtener información confidencial al leer datos no inicializados en el sistema de archivos. A... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-908: Use of Uninitialized Resource •
CVSS: 6.8EPSS: 0%CPEs: 30EXPL: 0CVE-2019-11884 – kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command
https://notcve.org/view.php?id=CVE-2019-11884
10 May 2019 — The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. La función do_hidp_sock_ioctl en net/bluetooth/hidp/sock.c en el kernel de Linux, versiones anteriores a 5.0.15, permite a un usuario local obtener información potencialmente sensible de la memoria de la pila del kernel a través de un comando HI... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 218EXPL: 7CVE-2019-11358 – jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
https://notcve.org/view.php?id=CVE-2019-11358
19 Apr 2019 — jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propi... • https://github.com/isacaya/CVE-2019-11358 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 6.7EPSS: 0%CPEs: 19EXPL: 0CVE-2019-3887 – Kernel: KVM: nVMX: guest accesses L0 MSR causes potential DoS
https://notcve.org/view.php?id=CVE-2019-3887
09 Apr 2019 — A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue. Se encontró un error en la forma en que el hipervisor KVM manejaba el acceso a x2APIC Machine Specific Rre... • http://www.securityfocus.com/bid/107850 • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 1CVE-2019-3460 – kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP
https://notcve.org/view.php?id=CVE-2019-3460
03 Apr 2019 — A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. Se ha descubierto una fuga de información en múltiples ubicaciones en memoria dinámica, incluyendo L2CAP_GET_CONF_OPT en el kernel de Linux anterior a 5.1-rc1. A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical acc... • http://www.openwall.com/lists/oss-security/2019/06/27/2 • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 30EXPL: 1CVE-2019-3459 – kernel: Heap address information leak while using L2CAP_GET_CONF_OPT
https://notcve.org/view.php?id=CVE-2019-3459
03 Apr 2019 — A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. Se descubrió una fuga de información de direcciones en memoria dinámica mientras se usaba L2CAP_GET_CONF_OPT en el kernel de Linux anterior a 5.1-rc1. A flaw was found in the Linux kernel's implementation of Logical Link Control and Adaptation Protocol (L2CAP), part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted ... • http://www.openwall.com/lists/oss-security/2019/06/27/2 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2018-20784 – kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service
https://notcve.org/view.php?id=CVE-2018-20784
22 Feb 2019 — In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load. En el kernel de Linux, en versiones anteriores a la 4.20.2, kernel/sched/fair.c gestiona leaf cfs_rq de manera incorrecta, lo que permite que los atacantes provoquen una denegación de servicio (bucle infinito en update_blocked_averages) o, posiblemente, otro impacto si... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c40f7d74c741a907cfaeb73a7697081881c497d0 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 2CVE-2019-7222 – Kernel: KVM: leak of uninitialized stack contents to guest
https://notcve.org/view.php?id=CVE-2019-7222
16 Feb 2019 — The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene una fuga de información. An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory co... • https://packetstorm.news/files/id/151712 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •