CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2018-20784 – kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service
https://notcve.org/view.php?id=CVE-2018-20784
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load. En el kernel de Linux, en versiones anteriores a la 4.20.2, kernel/sched/fair.c gestiona leaf cfs_rq de manera incorrecta, lo que permite que los atacantes provoquen una denegación de servicio (bucle infinito en update_blocked_averages) o, posiblemente, otro impacto sin especificar induciendo una carga alta. The CFS Linux kernel scheduler mishandles handling of leaf cfs_rq's in the kernel/sched/fair.c code, which allows a local unprivileged attacker to cause a denial of service (DoS) by entering an infinite loop in update_blocked_averages() function by inducing a high load on a system. Due to the nature of the flaw, a remote network attack (by initiating a magnitude of remote requests) cannot be fully ruled out. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c40f7d74c741a907cfaeb73a7697081881c497d0 https://access.redhat.com/errata/RHSA-2019:1959 https://access.redhat.com/errata/RHSA-2019:1971 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.2 https://github.com/torvalds/linux/commit/c40f7d74c741a907cfaeb73a7697081881c497d0 https://usn.ubuntu.com/4115-1 https://usn.ubuntu.com/4118-1 https://usn.ubuntu.com/4211-1 https://usn.ubuntu.com/4211-2 https: • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 1%CPEs: 14EXPL: 0CVE-2019-9003 – kernel: use-after-free and OOPS in drivers/char/ipmi/ipmi_msghandler.c
https://notcve.org/view.php?id=CVE-2019-9003
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop. En el kernel de Linux, en versiones anteriores a la 4.20.5, los atacantes pueden desencadenar un uso de memoria previamente liberada y un estado "OOPS" en drivers/char/ipmi/ipmi_msghandler.c haciendo que cierto código se ejecute de forma simultánea, tal y como queda demostrado con un bucle "service ipmievd restart". A use-after-free and OOPs flaw was found in the Linux kernel's drivers/char/ipmi/ipmi_msghandler.c code. By arranging certain simultaneous execution of the code accessing IPMI device files, an attacker can cause a denial of service (DoS) attack. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77f8269606bf95fcb232ee86f6da80886f1dfae8 http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html http://www.securityfocus.com/bid/107145 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.5 https://github.com/torvalds/linux/commit/77f8269606bf95fcb232ee86f6da80886f1dfae8 https://security.netapp.com/advisory/ntap-20190327-0002 https://usn.ubuntu.com/3930-1 https://usn.ubuntu.com/3930-2 https:/ • CWE-416: Use After Free •
CVSS: 7.8EPSS: 2%CPEs: 12EXPL: 0CVE-2019-8980 – kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service
https://notcve.org/view.php?id=CVE-2019-8980
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures. Una fuga de memoria en la función kernel_read_file en fs/exec.c en el kernel de Linux, hasta la versión 4.20.11, permite que los atacantes provoquen una denegación de servicio (consumo de memoria) desencadenando errores en vfs_read. A kernel memory leak was found in the kernel_read_file() function in the fs/exec.c file in the Linux kernel. An attacker could use this flaw to cause a memory leak and thus a denial of service (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html http://www.securityfocus.com/bid/107120 https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html https://support.f5.com/csp/article/K56480726 https://usn.ubuntu.com/3930-1 https://usn.ubuntu.com/3930-2 https://usn.ubuntu.com/3931-1 https://usn.ubuntu.com/3931-2 https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1935698.html https://www.mail-archive.com/linux-kernel%40vg • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2019-8912 – kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr
https://notcve.org/view.php?id=CVE-2019-8912
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. En el kernel de Linux, hasta la versión 4.20.11, af_alg_release() en crypto/af_alg.c no establece un valor NULL para cierto miembro de estructura, lo que conduce a un uso de memoria previamente liberada en sockfs_setattr. In the Linux kernel af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free (UAF) in sockfs_setattr. A local attacker can use this flaw to escalate privileges and take control of the system. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html http://patchwork.ozlabs.org/patch/1042902 http://www.securityfocus.com/bid/107063 https://access.redhat.com/errata/RHSA-2020:0174 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-8912 https://usn.ubuntu.com/3930-1 https://usn.ubuntu.com/3930-2 https://usn.ubuntu.com/3931-1 https://usn.ubuntu.com/3931-2 https://access.redhat.com/security/cve/CVE-2019-8912 https://bugzilla.redhat.c • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 1CVE-2019-7221 – Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
https://notcve.org/view.php?id=CVE-2019-7221
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene un uso de memoria previamente liberada. A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. • http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html http://www.openwall.com/lists/oss-security/2019/02/18/2 https://access.redhat.com/errata/RHBA-2019:0959 https://access.redhat.com/errata/RHSA-2019:0818 https://access.redhat.com/errata/RHSA-2019:0833 https://access.redhat.com/errata/RHSA-2019:3967 https://access.redhat.com/errata/RHSA-2019:4058 https://bugs.chromiu • CWE-416: Use After Free •