CVSS: 5.6EPSS: 0%CPEs: 14EXPL: 1CVE-2019-15902
https://notcve.org/view.php?id=CVE-2019-15902
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped. Se descubiró un error de backporting en el kernel de Linux estable/a largo plazo en sus versiones 4.4.x hasta 4.4.190, versiones 4.9.x hasta 4.9.190, versiones 4.14.x hasta 4.14.141, versiones 4.19.x hasta 4.19.69 y versiones 5.2.x hasta 5.2 .11. El uso incorrecto del commit "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" aguas arriba reintrodujo la vulnerabilidad Spectre que se pretendía eliminar. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://grsecurity.net/teardown_of_a_failed_linux_lts_spectre_fix.php https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html https://seclists.org/bugtraq/2019/Sep/41 https://security.netapp.com/advisory/ntap-20191004-0001 https://usn.ubuntu.com/4157-1 https://usn.ubuntu.com/4157-2 https://usn.ubuntu.com/4162-1 http • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2019-15807 – kernel: Memory leak in drivers/scsi/libsas/sas_expander.c
https://notcve.org/view.php?id=CVE-2019-15807
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service. En el kernel de Linux versiones anteriores a 5.1.13, se presenta una pérdida de memoria en la biblioteca drivers/scsi/libsas/sas_expander.c cuando no se detecta el expansor SAS. Esto provocará un BUG y una denegación de servicio. A memory leak flaw was found in the Linux kernel. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.13 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0541791453fbe7f42867e310e0c9eb6295364d https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html https://security.netapp.com/advisory/ntap-20191004-0001 https://support.f5.com/csp/article/K52136304?utm_ • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2019-15666 – kernel: out-of-bounds array access in __xfrm_policy_unlink
https://notcve.org/view.php?id=CVE-2019-15666
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation. Se descubrió un fallo en el núcleo de Linux en versiones anteriores a 5.0.19. Hay un acceso a array fuera de límites en __xfrm_policy_unlink, lo que causará una denegación del servicio, ya que verify_newpolicy_info en net/xfrm/xfrm_user.c gestiona mal la validación de directorios. A flaw was found in the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b805d78d300bcf2c83d6df7da0c818b0fee41427 https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html https://security.netapp.com/ • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 2%CPEs: 42EXPL: 0CVE-2019-15538 – kernel: denial of service in in xfs_setattr_nonsize in fs/xfs/xfs_iops.c
https://notcve.org/view.php?id=CVE-2019-15538
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS. Se descubrió un problema en xfs_setattr_nonsize en fs / xfs / xfs_iops.c en el kernel de Linux a través de 5.2.9. XFS se bloquea parcialmente cuando falla un chgrp debido a que no se encuentra en la cuota de disco. xfs_setattr_nonsize no puede desbloquear el ILOCK después de que la llamada xfs_qm_vop_chown_reserve falla. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html https://lists.fedoraproject.org/archives& • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 0CVE-2019-15505 – kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c
https://notcve.org/view.php?id=CVE-2019-15505
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). drivers/media/usb/dvb-usb/technisat-usb2.c en el kernel de Linux hasta la versión 5.2.9 tiene una lectura fuera de los límites a través del tráfico de dispositivos USB diseñado (que puede ser remoto a través de usbip o usbredir). An out-of-bounds read flaw was found in the DVB USB subsystem of the Linux kernel. There was no boundary check applied to the array in struct technisat_usb2_state state->buf until the 0xff byte is encountered. If the byte is not encountered within the limit, an exposure of kernel data structure occurs. Data confidentiality and system availability are the highest threats with this vulnerability. • http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.linuxtv.org/media_tree.git/commit/?id=0c4df39e504bf925ab666132ac3c98d6cbbe380b https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro • CWE-125: Out-of-bounds Read •