Page 528 of 2841 results (0.030 seconds)

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring. En el kernel de Linux versiones anteriores a la versión 5.3.11, el archivo sound/core/timer.c tiene un uso de la memoria previamente liberada causado por una refactorización de código errónea, también se conoce como CID-e7af6307a8a5. Esto está relacionado con las funciones snd_timer_open y snd_timer_close_locked. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e7af6307a8a54f0b873960b32b6a644f2d0fbd97 https://github.com/torvalds/linux/commit/e7af6307a8a54f0b873960b32b6a644f2d0fbd97 https://security.netapp.com/advisory/ntap-20200103-0001 https://usn.ubuntu.com/4225-1 https://usn.ubuntu.com/4227-1 https://usn.ubuntu.com/4227-2 https://access.redhat.com/security/cve/CVE-2019-19807 https://bugzilla.redhat.com/ • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163. El kernel de Linux versión anterior a 5.4.2 maneja inapropiadamente la función ext4_expand_extra_isize, como es demostrado por un error de uso de la memoria previamente liberada en las funciones __ext4_expand_extra_isize y ext4_xattr_set_entry, relacionadas con los archivos fs/ext4/inode.c y fs/ext4/super.c, también se conoce como CID-4ea99936a163. A use-after-free flaw was found in the Linux kernel’s ext4 file system functionality when the user mount ext4 partition, with the usage of an additional debug parameter is defining an extra inode size. If this parameter has a non zero value, this flaw allows a local user to crash the system when inode expansion happens. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://bugzilla.kernel.org/show_bug.cgi?id=205609 https://bugzilla.kernel.org/show_bug.cgi?id=205707 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ea99936a1630f51fc3a2d61a58ec4a1c4b7d55a https://github.com/torvalds/linux/commit/4ea99936a1630f51fc3a2d61a58ec4a1c4b7d55a https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html h • CWE-416: Use After Free •

CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h). En el kernel de Linux versión 5.3.10, se presenta un uso de la memoria previamente liberada en la función perf_trace_lock_acquire (relacionada con el archivo include/trace/events/lock.h). • https://bugzilla.kernel.org/show_bug.cgi?id=205705 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF4PQZBEPNXDSK5DOBMW54OCLP25FTCD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VJSIZWKW7RDHKU3CHC5BFAQI43NVHLUQ https://security.netapp.com/advisory/ntap-20200103-0001 https://usn.ubuntu.com/4368-1 https://usn.ubuntu.com/4369-1 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 1

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. En el kernel de Linux versiones 5.0.21 y 5.3.11, montando una imagen de sistema de archivos btrfs diseñada, al realizar algunas operaciones y luego haciendo una llamada de sistema syncfs puede conllevar a un uso de la memoria previamente liberada en la función try_merge_free_space en el archivo fs/btrfs/free-space-cache.c porque el puntero en una estructura de datos izquierda puede ser el mismo que el puntero en una estructura de datos derecha. • https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19448 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://security.netapp.com/advisory/ntap-20200103-0001 https://usn.ubuntu.com/4578-1 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1

In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c. En el kernel de Linux versión 5.0.21, montando una imagen de sistema de archivos ext4 diseñada, al realizar algunas operaciones y desmontarla puede conllevar a un uso de la memoria previamente liberada en la función ext4_put_super en el archivo fs/ext4/super.c, relacionado con la función dump_orphan_list en el archivo fs/ext4/super.do. A flaw was found in the Linux kernel's ext4_unlink function. An attacker could corrupt memory or escalate privileges when deleting a file from a recently unmounted specially crafted ext4 filesystem, including local, USB, and iSCSI. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447 https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://security.netapp.com/advisory/ntap-20200103-0001 https://access.redhat.com/security/cve/CVE-2019-19447 https://bugzilla.redhat.com/show_bug.cgi • CWE-416: Use After Free •