CVE-2019-17133 – kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c
https://notcve.org/view.php?id=CVE-2019-17133
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. En el kernel de Linux versiones hasta 5.3.2, la función cfg80211_mgd_wext_giwessid en el archivo net/wireless/wext-sme.c no rechaza un SSID IE largo, conllevando a un Desbordamiento de Búfer. A vulnerability was found in the Linux kernel's generic WiFi ESSID handling implementation. The flaw allows a system to join a wireless network where the ESSID is longer than the maximum length of 32 characters, which can cause the system to crash or execute code. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://access.redhat.com/errata/RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0374 https://access.redhat.com/errata/RHSA-2020:0375 https://access.redhat.com/errata/RHSA-2020:0543 https://access.redhat.com/errata/RHSA-2020:0592 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2019-17075
https://notcve.org/view.php?id=CVE-2019-17075
An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance. Se detectó un problema en la función write_tpt_entry en el archivo drivers/infiniband/hw/cxgb4/mem.c en el kernel de Linux versiones hasta 5.3.2. El controlador cxgb4 está llamando directamente a dma_map_single (una función DMA) desde una variable de la pila. • http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lore.kernel.org/lkml/20191001165611.GA3542072%40kroah.com https://seclists.org/bugtraq/2019/Nov/11 https://usn.ubuntu.com/4208-1 https://usn.ubuntu.com/4210-1 https://usn.ubuntu.com/4211-1 https://usn.ubuntu.com/4211-2 https://usn.ubuntu.com/4226-1 https://www.oracle.com/security-alerts/cp •
CVE-2019-17052
https://notcve.org/view.php?id=CVE-2019-17052
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. ax25_create en net / ax25 / af_ax25.c en el módulo de red AF_AX25 en el kernel de Linux versión 3.16 hasta la la versión 5.3.2 no aplica CAP_NET_RAW, lo que significa que los usuarios no privilegiados pueden crear un socket en bruto, también conocido como CID-0614e2b73768 • http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=2c675dab816278a1724c1e93b384c2f05a11cb31 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0614e2b73768b502fc32a75349823356d98aae2c https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html • CWE-276: Incorrect Default Permissions •
CVE-2019-17053 – kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol
https://notcve.org/view.php?id=CVE-2019-17053
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. ieee802154_create en net / ieee802154 / socket.c en el módulo de red AF_IEEE802154 en el kernel de Linux hasta la versión 5.3.2 no aplica CAP_NET_RAW, lo que significa que los usuarios no privilegiados pueden crear un socket en bruto, también conocido como CID-e69dbd4619e7. A vulnerability was discovered in the Linux kernel's AF_IEEE802154 networking module where permissions checks are not enforced. This can allow an unprivileged user to create raw sockets for this protocol leading to the potential for data leaks or system unavailability. • http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e69dbd4619e7674c1679cba49afd9dd9ac347eef https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.fedoraproject.org/archives • CWE-250: Execution with Unnecessary Privileges CWE-276: Incorrect Default Permissions •
CVE-2019-17054
https://notcve.org/view.php?id=CVE-2019-17054
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c. La función atalk_create en el archivo net/appletalk/ddp.c en el módulo de red AF_APPLETALK en el kernel de Linux versiones hasta 5.3.2 no aplica CAP_NET_RAW, lo que significa que los usuarios no privilegiados pueden crear un socket en bruto, también se conoce como CID-6cc03e8aa36c. • http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cc03e8aa36c51f3b26a0d21a3c4ce2809c842ac https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.fedoraproject.org/archives • CWE-276: Incorrect Default Permissions •