CVE-2019-15031 – kernel: powerpc: local user can read vector registers of other users' processes via an interrupt
https://notcve.org/view.php?id=CVE-2019-15031
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c. En el kernel de Linux versiones hasta 5.2.14 en la plataforma powerpc, un usuario local puede leer los registros vectoriales de los procesos de otros usuarios por medio de una interrupción. Para explotar la venerabilidad, un usuario local inicia una transacción (por medio de la instrucción de memoria transaccional de hardware tbegin) y luego accede a los registros vectoriales. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://www.openwall.com/lists/oss-security/2019/09/10/4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a8318c13e79badb92bc6640704a64cc022a6eb97 https://security.netapp.com/advisory/ntap-20191004-0001 https://usn.ubuntu.com/4135-1 https://usn.ubuntu.com/4135-2 https://access.redhat.com/security/cve/CVE-2019 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-662: Improper Synchronization •
CVE-2019-16275
https://notcve.org/view.php?id=CVE-2019-16275
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range. hostapd versiones anteriores a 2.10 y wpa_supplicant versiones anteriores a 2.10, permiten una indicación incorrecta de desconexión en ciertas situaciones porque la comprobación de la dirección de origen es manejada inapropiadamente. Esta es una denegación de servicio que debió haber sido evitada mediante PMF (también se conoce como protección de la trama de administración). El atacante requiere enviar una trama 802.11 diseñada desde una ubicación que este dentro del rango de comunicaciones de 802.11. • http://www.openwall.com/lists/oss-security/2019/09/12/6 https://lists.debian.org/debian-lts-announce/2019/09/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36G4XAZ644DMHBLKOL4FDSPZVIGNQY6U https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7NCLOPTZNRRNYODH22BFIDH6YIQWLJD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FEGITWRTIWABW54ANEPCEF4ARZLXGSK5 https://lists.fedoraproject.org/archives& • CWE-346: Origin Validation Error •
CVE-2019-16229
https://notcve.org/view.php?id=CVE-2019-16229
drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id ** EN DISPUTA ** El archivo drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c en el kernel de Linux versión 5.2.14 no comprueba el valor de retorno de alloc_workqueue, conllevando a una desreferencia del puntero NULL. NOTA: La comunidad de seguridad cuestiona estos problemas por no ser lo suficientemente graves como para merecer una identificación CVE. • https://bugzilla.suse.com/show_bug.cgi?id=1150469#c3 https://lkml.org/lkml/2019/9/9/487 https://security.netapp.com/advisory/ntap-20191004-0001 https://usn.ubuntu.com/4284-1 https://usn.ubuntu.com/4285-1 https://usn.ubuntu.com/4287-1 https://usn.ubuntu.com/4287-2 • CWE-476: NULL Pointer Dereference •
CVE-2019-16231 – kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c
https://notcve.org/view.php?id=CVE-2019-16231
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. El archivo drivers/net/fjes/fjes_main.c en el kernel de Linux versión 5.2.14, no comprueba el valor de retorno en alloc_workqueue, conllevando a una desreferencia del puntero NULL. A flaw was found in the Linux kernel. A NULL pointer dereference flaw was found in the FUJITSU Extended Socket Network driver. A call to the alloc_workqueue return was not validated and causes a denial of service at the time of failure. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00039.html https://lkml.org/lkml/2019/9/9/487 https://security.netapp.com/advisory/ntap-20191004-0001 https://usn.ubuntu.com/4225-1 https://usn.ubuntu.com/4225-2 https://usn.ubuntu.com/4226-1 https://usn.ubuntu.com/4227-1 https://usn.ubuntu.com/4227-2 https://access.redhat.com/security/cve/CVE-2019-16231 https://bugz • CWE-476: NULL Pointer Dereference •
CVE-2019-16232
https://notcve.org/view.php?id=CVE-2019-16232
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. El archivo drivers/net/wireless/marvell/libertas/if_sdio.c en el kernel de Linux versión 5.2.14, no comprueba el valor de retorno en alloc_workqueue, conllevando a una desreferencia del puntero NULL. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP https://lkml.org/lkml/2019/9/9/487 https://security.netapp.com/advisory/ntap-20191004-0001 https://usn.ubuntu.com/4284-1 • CWE-476: NULL Pointer Dereference •