CVSS: 7.8EPSS: 3%CPEs: 12EXPL: 0CVE-2019-8980 – kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service
https://notcve.org/view.php?id=CVE-2019-8980
21 Feb 2019 — A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures. Una fuga de memoria en la función kernel_read_file en fs/exec.c en el kernel de Linux, hasta la versión 4.20.11, permite que los atacantes provoquen una denegación de servicio (consumo de memoria) desencadenando errores en vfs_read. A kernel memory leak was found in the kernel_read_file() function in the fs/exec.c ... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2019-8912 – kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr
https://notcve.org/view.php?id=CVE-2019-8912
18 Feb 2019 — In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. En el kernel de Linux, hasta la versión 4.20.11, af_alg_release() en crypto/af_alg.c no establece un valor NULL para cierto miembro de estructura, lo que conduce a un uso de memoria previamente liberada en sockfs_setattr. In the Linux kernel af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain struct... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 1CVE-2019-7221 – Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
https://notcve.org/view.php?id=CVE-2019-7221
16 Feb 2019 — The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene un uso de memoria previamente liberada. A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. • http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 1CVE-2019-7222 – Kernel: KVM: leak of uninitialized stack contents to guest
https://notcve.org/view.php?id=CVE-2019-7222
16 Feb 2019 — The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene una fuga de información. An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory co... • http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 6%CPEs: 60EXPL: 3CVE-2019-6974 – Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference
https://notcve.org/view.php?id=CVE-2019-6974
15 Feb 2019 — In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. En el kernel de Linux en versiones anteriores a la 4.20.8, kvm_ioctl_create_device en virt/kvm/kvm_main.c gestiona de manera incorrecta el conteo de referencias debido a una condición de carrera, lo que conduce a un uso de memoria previamente liberada. A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor imp... • https://www.exploit-db.com/exploits/46388 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.6EPSS: 0%CPEs: 7EXPL: 0CVE-2019-7308 – Linux Insufficient eBPF Spectre V1 Mitigation
https://notcve.org/view.php?id=CVE-2019-7308
01 Feb 2019 — kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. En el kernel de Linux, en versiones anteriores a la 4.20.6, "kernel/bpf/verifier.c" realiza especulaciones fuera de límites no deseables en la aritmética de punteros en varias ocasiones, incluyendo casos de diferentes ramas con distintos estados o límite... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=979d63d50c0c0f7bc537bf821e056cc9fe5abd38 • CWE-189: Numeric Errors •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10741 – kernel: race condition between direct and memory-mapped I/O in fs/xfs/xfs_aops.c
https://notcve.org/view.php?id=CVE-2016-10741
01 Feb 2019 — In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure. En el kernel de Linux, en versiones anteriores a la 4.9.3, "fs/xfs/xfs_aops.c" permite a los usuarios locales provocar una denegación de servicio (cierre inesperado del sistema) debido a que hay una condición de carrera entre el I/O directo y el ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04197b341f23b908193308b8d63d17ff23232598 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-369: Divide By Zero •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2018-19985 – kernel: oob memory read in hso_probe in drivers/net/usb/hso.c
https://notcve.org/view.php?id=CVE-2018-19985
31 Jan 2019 — The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space. La función hso_get_config_data en drivers/net/usb/hso.c en el kernel de Linux, hasta la versión 4.19.8, lee if_num desde el dispositivo USB (como un u8) y lo emplea para indexar un array pequeño, lo que resulta en una lectur... • http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-18360 – kernel: Division by zero in change_port_settings in drivers/usb/serial/io_ti.c resulting in a denial of service
https://notcve.org/view.php?id=CVE-2017-18360
31 Jan 2019 — In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates. En change_port_settings en drivers/usb/serial/io_ti.c en el kernel de Linux, en versiones anteriores a la 4.11.3, los usuarios locales podrían provocar una denegación de servicio (DoS) por medio de una división entre cero en la capa del dispositivo en serie intentando establecer tasas de baud... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6aeb75e6adfaed16e58780309613a578fe1ee90b • CWE-369: Divide By Zero •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16880
https://notcve.org/view.php?id=CVE-2018-16880
29 Jan 2019 — A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable. Se ha encontrado un error en la función handle_rx() del controlador [vhost_net] en el kernel de Linux. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html • CWE-787: Out-of-bounds Write •