CVSS: 7.8EPSS: 3%CPEs: 21EXPL: 0CVE-2019-12615
https://notcve.org/view.php?id=CVE-2019-12615
03 Jun 2019 — An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). Se descubrió un problema en get_vdev_port_node_info en arch / sparc / kernel / mdesc.c en el kernel de Linux hasta la versión 5.1.6. Hay un kstrdup_const sin marcar de node_info-> vdev_port.name, que podría permitir que un atac... • http://www.securityfocus.com/bid/108549 • CWE-476: NULL Pointer Dereference •
CVSS: 4.7EPSS: 0%CPEs: 11EXPL: 0CVE-2019-12614 – kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
https://notcve.org/view.php?id=CVE-2019-12614
03 Jun 2019 — An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). Se descubrió un problema en dlpar_parse_cc_property en arch / powerpc / platform / pseries / dlpar.c en el kernel de Linux hasta la versión 5.1.6. Hay un kstrdup sin marcar de prop-> name, que podría permitir que un atacante provoque u... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 29EXPL: 1CVE-2019-3846 – kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c
https://notcve.org/view.php?id=CVE-2019-3846
03 Jun 2019 — A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. Se encontró un fallo que permitía a un atacante corromper la memoria y posiblemente aumentar los privilegios en el módulo del kernel mwifiex mientras se conectaba a una red inalámbrica maliciosa. A flaw was found in the Linux kernel's Marvell wifi chip driver. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12456
https://notcve.org/view.php?id=CVE-2019-12456
30 May 2019 — An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a "double fetch" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used ** EN DISPUTA ** Se detecto un problema en MPT3COMMAND case en _ctl... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12455
https://notcve.org/view.php?id=CVE-2019-12455
30 May 2019 — An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because “The memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to... • https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux.git/commit/?h=sunxi/clk-for-5.3&id=fcdf445ff42f036d22178b49cf64e92d527c1330 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12454
https://notcve.org/view.php?id=CVE-2019-12454
30 May 2019 — An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn't NUL-terminated, which is not the case ** EN DISPUTA ** Se detecto un problema en la función wcd9335_codec_enable_dec e... • https://bugzilla.suse.com/show_bug.cgi?id=1136963#c1 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12382 – kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service
https://notcve.org/view.php?id=CVE-2019-12382
28 May 2019 — An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference ** EN DISPUTA ** Un problema fue encontrado en la función drm_load_edi... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12381
https://notcve.org/view.php?id=CVE-2019-12381
28 May 2019 — An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL ** EN DISPUTA ** Un problema fue encontrado en la función ip_ra_control en el archivo net/ipv4/ip_sockglue.c en el kernel de Linux hasta la versión 5.1.5. Hay un kmalloc sin marcar de new_ra, que pod... • http://www.securityfocus.com/bid/108473 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12380
https://notcve.org/view.php?id=CVE-2019-12380
28 May 2019 — **DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because “All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”. ** EN DISPUTA ** Se ... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html • CWE-388: 7PK - Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12379
https://notcve.org/view.php?id=CVE-2019-12379
28 May 2019 — An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue * DISPUTADO ** Se descubrió un problema en con_insert_unipair en drivers / tty / vt / consolemap.c en el kernel de Linux hasta 5.1.5. Hay una pérdida de memoria en un caso determinado de un resultado ENOMEM de kmalloc. NOTA: Este ID Se ha cuestionado porque no es un problema. • http://www.securityfocus.com/bid/108478 • CWE-401: Missing Release of Memory after Effective Lifetime •