CVE-2019-12614 – kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
https://notcve.org/view.php?id=CVE-2019-12614
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). Se descubrió un problema en dlpar_parse_cc_property en arch / powerpc / platform / pseries / dlpar.c en el kernel de Linux hasta la versión 5.1.6. Hay un kstrdup sin marcar de prop-> name, que podría permitir que un atacante provoque una denegación de servicio (desreferencia de puntero NULL y bloqueo del sistema). A flaw was found in the way Linux kernel's Dynamic Logical Partitioning (DLPAR) functionality on PowerPC systems handled low memory conditions on device discovery. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.securityfocus.com/bid/108550 https://git.kernel.org/pub/ • CWE-476: NULL Pointer Dereference •
CVE-2019-3846 – kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c
https://notcve.org/view.php?id=CVE-2019-3846
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. Se encontró un fallo que permitía a un atacante corromper la memoria y posiblemente aumentar los privilegios en el módulo del kernel mwifiex mientras se conectaba a una red inalámbrica maliciosa. A flaw was found in the Linux kernel's Marvell wifi chip driver. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c allows remote attackers to cause a denial of service(system crash) or execute arbitrary code. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html ht • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2019-8457 – sqlite: heap out-of-bound read in function rtreenode()
https://notcve.org/view.php?id=CVE-2019-8457
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. SQLite3 desde la versión 3.6.0 hasta la versión 3.27.2 incluida es vulnerable a la lectura de memoria dinámica fuera de límites de la función rtreenode () cuando se manejan tablas de rtree no válidas. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M https://security.netapp.com/advisory/ntap-20190606-0002 https://usn.ubuntu.com/4004-1 https://usn.ubuntu.com/4004-2 https://usn. • CWE-125: Out-of-bounds Read •
CVE-2019-12450 – glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress
https://notcve.org/view.php?id=CVE-2019-12450
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. La función file_copy_fallback en el archivo gio/gfile.c en GNOME GLib versión 2.15.0 hasta la 2.61.1, no restringe apropiadamente los permisos de los archivos durante una operación de copia en progreso. En su lugar, se utilizan los permisos por defecto. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00076.html https://access.redhat.com/errata/RHSA-2019:3530 https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174 https://lists.debian.org/debian-lts-announce/2019/06/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2W4WIOAGO3M743M5KZLVQZM3NGHQDYLI https://security.netapp.com/advisory/ntap-20190606-0003 https://usn.ubuntu.com/4014-1 https://usn.ubuntu.com/4014- • CWE-276: Incorrect Default Permissions CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-552: Files or Directories Accessible to External Parties •
CVE-2019-11833 – kernel: fs/ext4/extents.c leads to information disclosure
https://notcve.org/view.php?id=CVE-2019-11833
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. fs / ext4 / extents.c en el kernel de Linux hasta 5.1.2 no pone a cero la región de memoria no utilizada en el bloque del árbol de extensión, lo que podría permitir a los usuarios locales obtener información confidencial al leer datos no inicializados en el sistema de archivos. A flaw was found in the Linux kernel's implementation of ext4 extent management. The kernel doesn't correctly initialize memory regions in the extent tree block which may be exported to a local user to obtain sensitive information by reading empty/uninitialized data from the filesystem. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://www.securityfocus.com/bid/108372 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://access.redhat.com/errata/RHSA-2019 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-908: Use of Uninitialized Resource •