Page 412 of 3406 results (0.017 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db. En el kernel de Linux versiones anteriores a 5.3.4, la función fib6_rule_lookup en el archivo net/ipv6/ip6_fib.c maneja inapropiadamente el flag RT6_LOOKUP_F_DST_NOREF en una decisión de conteo de referencias, lo que conlleva a (por ejemplo) un bloqueo que fue identificado por syzkaller, también se conoce como CID-7b09c2d052db. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.4 https://github.com/torvalds/linux/commit/7b09c2d052db4b4ad0b27b97918b46a7746966fa https://security.netapp.com/advisory/ntap-20200313-0003 • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19338 https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort https://www.openwall.com/lists/oss-security/2019/12/10/3 https://access.redhat.com/security/cve/CVE-2019-19338 https://bugzilla.redhat.com/show_bug.cgi?id=1781514 • CWE-203: Observable Discrepancy CWE-385: Covert Timing Channel •

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 2

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service. Se encontró un problema de escritura de memoria fuera de límites en el kernel de Linux, versiones 3.13 hasta 5.4, en la manera en que el hipervisor KVM del kernel de Linux manejó la petición "KVM_GET_EMULATED_CPUID" ioctl(2) para obtener las funcionalidades de CPUID emuladas por el hipervisor KVM. Un usuario o proceso capaz de acceder al dispositivo "/dev/kvm" podría usar este fallo para bloquear el sistema, resultando en una denegación de servicio. An out-of-bounds memory write issue was found in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19332 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50%40google.com https://security.netapp.com/advisory/ntap-20200204-0002 https: • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0

mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service. La función mwifiex_tm_cmd en el archivo drivers/net/wireless/marvell/mwifiex/cfg80211.c en el kernel de Linux versiones anteriores a la versión 5.1.6 tiene algunos casos de manejo de errores que no liberaron la memoria hostcmd asignada, también se conoce como CID-003b686ace82. Esto causará una pérdida de memoria y una denegación de servicio. A flaw was found in the Linux kernel's mwifiex driver implementation when connecting to other WiFi devices in "Test Mode." • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=003b686ace820ce2d635a83f10f2d7f9c147dabc https://security.netapp.com/advisory/ntap-20200204-0002 https://access.redhat.com/security/cve/CVE-2019-20095 https://bugzilla.redhat.com/show_bug.cgi?id=1791954 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b. En el kernel de Linux versiones anteriores a la versión 5.1, hay una pérdida de memoria en la función __feat_register_sp() en el archivo net/dccp/feat.c, lo que puede causar una denegación de servicio, también se conoce como CID-1d3ff0950e2b. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1d3ff0950e2b40dc861b1739029649d03f591820 https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://usn.ubuntu.com/4285-1 https://usn.ubuntu.com/4286-1 https://usn& • CWE-401: Missing Release of Memory after Effective Lifetime •