CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12456
https://notcve.org/view.php?id=CVE-2019-12456
An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a "double fetch" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used ** EN DISPUTA ** Se detecto un problema en MPT3COMMAND case en _ctl_ioctl_main en drivers/scsi/mpt3sas/mpt3sas_ctl.c en el kernel de Linux hasta la versión 5.1.5. Permite a los usuarios locales generar una Denegación de Servicio o posiblemente tener otro impacto no especificado al cambiar el valor de ioc_number entre dos lecturas del kernel de este valor, también conocida como una vulnerabilidad de "double fetch". NOTA: un tercero informa que esto no se puede explotar porque no se utiliza el valor doblemente obtenido. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html https://bugzilla.redhat.com/show_bug.cgi?id=1717182 https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=5.3/scsi-queue&id=86e5aca7fa2927060839f3e3b40c8bd65a7e8d1e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDURACJVGIB •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12455
https://notcve.org/view.php?id=CVE-2019-12455
An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because “The memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to control it, and no denial of service.” ** EN DISPUTA ** Se descubrió un problema en sunxi_divs_clk_setup en drivers / clk / sunxi / clk-sunxi.c en el kernel de Linux hasta la versión 5.1.5. Existe una kstrndup no verificada de derived_name, que podría permitir a un atacante provocar una denegación de servicio (desreferencia de puntero NULL y bloqueo del sistema). • https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux.git/commit/?h=sunxi/clk-for-5.3&id=fcdf445ff42f036d22178b49cf64e92d527c1330 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://security.netapp.com/advisory/ntap-20190710-0002 https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg2010240.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12454
https://notcve.org/view.php?id=CVE-2019-12454
An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn't NUL-terminated, which is not the case ** EN DISPUTA ** Se detecto un problema en la función wcd9335_codec_enable_dec en el archivo sound/soc/codecs/wcd9335.c en el kernel de Linux hasta la versión 5.1.5. Se usa kstrndup en lugar de kmemdup_nul, lo que permite a los atacantes tener un impacto no especificado a través de vectores desconocidos. NOTA: El proveedor niega que esto no sea una vulnerabilidad porque cambiar a kmemdup_nul() solo solucionaría un problema de seguridad si la cadena de origen no estaba NUL-terminated, lo cual no es el caso. • https://bugzilla.suse.com/show_bug.cgi?id=1136963#c1 https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git/commit/?h=for-5.3&id=a54988113985ca22e414e132054f234fc8a92604 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://lkml.org/lkml/2019/5/29/705 https://support.f5.com/csp/article/K13523672 https://support.f5.com/csp/article/K13523672?utm_source=f5support&%3Butm_medium=RSS •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12382 – kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service
https://notcve.org/view.php?id=CVE-2019-12382
An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference ** EN DISPUTA ** Un problema fue encontrado en la función drm_load_edid_firmware en el archivo driver/gpu/drm/drm_edid_load.c en el kernel de Linux hasta la versión 5.1.5. Se presenta un kstrdup sin comprobar de fwstr, que podría permitir que un atacante genere una Denegación de Servicio (desreferencia de puntero NULL y bloqueo del sistema). NOTA: El proveedor niega que estos problemas no sean una vulnerabilidad porque kstrdup () que devuelve NULL se trata de manera suficiente y no hay posibilidad de que se elimine la referencia al puntero NULL. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html http://www.securityfocus.com/bid/108474 https://cgit.freedesktop.org/drm/drm-misc/commit/?id=9f1f1a2dab38d4ce87a13565cf4dc1b73bef3a5f https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://lists.fedoraproject.org/archives/list&# • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12381
https://notcve.org/view.php?id=CVE-2019-12381
An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL ** EN DISPUTA ** Un problema fue encontrado en la función ip_ra_control en el archivo net/ipv4/ip_sockglue.c en el kernel de Linux hasta la versión 5.1.5. Hay un kmalloc sin marcar de new_ra, que podría permitir a un atacante generar una Denegación de Servicio (desreferencia de puntero NULL y bloqueo del sistema). NOTA: esto se disputa porque new_ra nunca se usa si es NULL. • http://www.securityfocus.com/bid/108473 https://bugzilla.redhat.com/show_bug.cgi?id=1715501 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=425aa0e1d01513437668fa3d4a971168bbaa8515 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE https://lkml.org/lkml/2019/5/25/230 • CWE-476: NULL Pointer Dereference •