CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-18885
https://notcve.org/view.php?id=CVE-2019-18885
14 Nov 2019 — fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15. El archivo fs/btrfs/volumes.c en el kernel de Linux versiones anteriores a la versión 5.1, permite una desreferencia del puntero NULL de la función btrfs_verify_dev_extents por medio de una imagen btrfs especialmente diseñada porque fs_devices-)devices es manejada inapropiadamente dentro de f... • https://github.com/bobfuzzer/CVE-2019-18885 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-15791 – Reference count underflow in shiftfs
https://notcve.org/view.php?id=CVE-2019-15791
13 Nov 2019 — In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, which then puts a reference to that file, leading to a refcount underflow. En shiftfs, un parche no upstream para el Kernel de Linux incluido en las series kernel de Ubuntu versiones 5.0 y 5.3, shiftfs_btrfs_ioct... • https://www.exploit-db.com/exploits/47693 • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-15792 – Type confusion in shiftfs
https://notcve.org/view.php?id=CVE-2019-15792
13 Nov 2019 — In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file->private_data, a void* that points to a filesystem-dependent type, to a "struct shiftfs_file_info *". As the private_data is not required to be a pointer, an attacker can use this to cause a denial of service or possibly execute arbitrary code. En shiftfs, ... • https://www.exploit-db.com/exploits/47693 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-15793 – Mishandling of file-system uid/gid with namespaces in shiftfs
https://notcve.org/view.php?id=CVE-2019-15793
13 Nov 2019 — In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated into the s_user_ns for the lower filesystem. This resulted in using ids other than the intended ones in the lower fs, which likely did not map into the shifts s_user_ns. A local attacker could use this to possibly b... • https://www.exploit-db.com/exploits/47693 • CWE-276: Incorrect Default Permissions CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1CVE-2019-15794 – Reference counting error in overlayfs/shiftfs error path when used in conjuction with aufs
https://notcve.org/view.php?id=CVE-2019-15794
12 Nov 2019 — Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vm... • https://www.exploit-db.com/exploits/47692 • CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2243
https://notcve.org/view.php?id=CVE-2010-2243
07 Nov 2019 — A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS. Se presenta una vulnerabilidad en el archivo kernel/time/clocksource.c en el kernel de Linux versiones anteriores a 2.6.34, donde en sistemas non-GENERIC_TIME (GENERIC_TIME=n), acceder a /sys/devices/system/clocksource/clocksource0/current_clocksource resulta en un OOPS. • https://access.redhat.com/security/cve/cve-2010-2243 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18806
https://notcve.org/view.php?id=CVE-2019-18806
07 Nov 2019 — A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f. Una pérdida de memoria en la función ql_alloc_large_buffers() en el archivo drivers/net/ethernet/qlogic/qla3xxx.c en el kernel de Linux versiones anteriores a 5.3.5, permite a usuarios locales causar una denegación de servicio (consumo de memor... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18807
https://notcve.org/view.php?id=CVE-2019-18807
07 Nov 2019 — Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11. Dos fugas de memoria en la función sja1105_static_config_upload() en el archivo drivers/net/dsa/sja1105/sja1105_spi.c en el kernel de Linux versiones anteriores a 5.3.5, permiten a atacantes causar u... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-18808 – kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
https://notcve.org/view.php?id=CVE-2019-18808
07 Nov 2019 — A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247. Una pérdida de memoria en la función ccp_run_sha_cmd() en el archivo drivers/crypto/ccp/ccp-ops.c en el kernel de Linux versiones hasta 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-128c66429247. A flaw was found in the AMD Cryptographic Co-pro... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0CVE-2019-18809 – kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c
https://notcve.org/view.php?id=CVE-2019-18809
07 Nov 2019 — A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559. Una pérdida de memoria en la función af9005_identify_state() en el archivo drivers/media/usb/dvb-usb/af9005.c en el kernel de Linux versiones hasta 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-2289adbfa559. A flaw was found in the ... • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •