Page 430 of 2669 results (0.032 seconds)

CVSS: 8.8EPSS: 0%CPEs: 29EXPL: 1

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. Se encontró un fallo que permitía a un atacante corromper la memoria y posiblemente aumentar los privilegios en el módulo del kernel mwifiex mientras se conectaba a una red inalámbrica maliciosa. A flaw was found in the Linux kernel's Marvell wifi chip driver. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c allows remote attackers to cause a denial of service(system crash) or execute arbitrary code. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html ht • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a "double fetch" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used ** EN DISPUTA ** Se detecto un problema en MPT3COMMAND case en _ctl_ioctl_main en drivers/scsi/mpt3sas/mpt3sas_ctl.c en el kernel de Linux hasta la versión 5.1.5. Permite a los usuarios locales generar una Denegación de Servicio o posiblemente tener otro impacto no especificado al cambiar el valor de ioc_number entre dos lecturas del kernel de este valor, también conocida como una vulnerabilidad de "double fetch". NOTA: un tercero informa que esto no se puede explotar porque no se utiliza el valor doblemente obtenido. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html https://bugzilla.redhat.com/show_bug.cgi?id=1717182 https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=5.3/scsi-queue&id=86e5aca7fa2927060839f3e3b40c8bd65a7e8d1e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDURACJVGIB •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because “The memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to control it, and no denial of service.” ** EN DISPUTA ** Se descubrió un problema en sunxi_divs_clk_setup en drivers / clk / sunxi / clk-sunxi.c en el kernel de Linux hasta la versión 5.1.5. Existe una kstrndup no verificada de derived_name, que podría permitir a un atacante provocar una denegación de servicio (desreferencia de puntero NULL y bloqueo del sistema). • https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux.git/commit/?h=sunxi/clk-for-5.3&id=fcdf445ff42f036d22178b49cf64e92d527c1330 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://security.netapp.com/advisory/ntap-20190710-0002 https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg2010240.html • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn't NUL-terminated, which is not the case ** EN DISPUTA ** Se detecto un problema en la función wcd9335_codec_enable_dec en el archivo sound/soc/codecs/wcd9335.c en el kernel de Linux hasta la versión 5.1.5. Se usa kstrndup en lugar de kmemdup_nul, lo que permite a los atacantes tener un impacto no especificado a través de vectores desconocidos. NOTA: El proveedor niega que esto no sea una vulnerabilidad porque cambiar a kmemdup_nul() solo solucionaría un problema de seguridad si la cadena de origen no estaba NUL-terminated, lo cual no es el caso. • https://bugzilla.suse.com/show_bug.cgi?id=1136963#c1 https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git/commit/?h=for-5.3&id=a54988113985ca22e414e132054f234fc8a92604 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://lkml.org/lkml/2019/5/29/705 https://support.f5.com/csp/article/K13523672 https://support.f5.com/csp/article/K13523672?utm_source=f5support&amp%3Butm_medium=RSS •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference ** EN DISPUTA ** Un problema fue encontrado en la función drm_load_edid_firmware en el archivo driver/gpu/drm/drm_edid_load.c en el kernel de Linux hasta la versión 5.1.5. Se presenta un kstrdup sin comprobar de fwstr, que podría permitir que un atacante genere una Denegación de Servicio (desreferencia de puntero NULL y bloqueo del sistema). NOTA: El proveedor niega que estos problemas no sean una vulnerabilidad porque kstrdup () que devuelve NULL se trata de manera suficiente y no hay posibilidad de que se elimine la referencia al puntero NULL. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html http://www.securityfocus.com/bid/108474 https://cgit.freedesktop.org/drm/drm-misc/commit/?id=9f1f1a2dab38d4ce87a13565cf4dc1b73bef3a5f https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://lists.fedoraproject.org/archives/list&# • CWE-476: NULL Pointer Dereference •