CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2019-19525
https://notcve.org/view.php?id=CVE-2019-19525
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035. En el kernel de Linux versiones anteriores a 5.3.6, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/net/ieee802154/atusb.c, también se conoce como CID-7fd25e6fc035. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fd25e6fc035f4b04b75bca6d7e8daa069603a76 https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html • CWE-416: Use After Free •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2019-19526
https://notcve.org/view.php?id=CVE-2019-19526
In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098. En el kernel de Linux versiones anteriores a 5.3.9, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/nfc/pn533/usb.c, también se conoce como CID-6af3aa57a098. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6af3aa57a0984e061f61308fe181a9a12359fecc https://usn.ubuntu.com/4226-1 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19528 – kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver
https://notcve.org/view.php?id=CVE-2019-19528
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. En el kernel de Linux versiones anteriores a 5.3.7, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/usb/misc/iowarrior.c, también se conoce como CID-edc4746f253d. A use-after-free flaw was found in iowarrior_disconnect in iowarrior USB driver module were a flag was simultaneously modified causing a race between a device open and disconnect. This flaw could allow a physical attacker to cause a denial of service (DoS) attack. This vulnerability could even lead to a kernel information leak problem. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.7 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c468a8aa790e0dfe0a7f8a39db282d39c2c00b46 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=edc4746f253d907d048de680a621e121517f484b https://access.redhat.com/security/cve/CVE-2019-19528 https:/& • CWE-416: Use After Free •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2019-19529
https://notcve.org/view.php?id=CVE-2019-19529
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41. En el kernel de Linux versiones anteriores a 5.3.11, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/net/can/usb/mcba_usb.c, también se conoce como CID-4d6636498c41. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79 https://usn.ubuntu.com/4225-1 https://usn.ubuntu.com/4225-2 https://usn.ubuntu.com/4226-1 https://usn.ubuntu.com/4227-1 https://usn.ubuntu.com/4227-2 • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19532 – kernel: malicious USB devices can lead to multiple out-of-bounds write
https://notcve.org/view.php?id=CVE-2019-19532
In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c. En el kernel de Linux versiones anteriores a 5.3.9, se presentan múltiples bugs de escritura fuera de límites que pueden ser causados ??por un dispositivo USB malicioso en el controlador del archivo HID del kernel de Linux, también se conoce como CID-d9d4b1e46d95. Esto afecta a los archivos drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://www.openwall.com/lists/oss-security/2019/12/03/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d9d4b1e46d9543a82c23f6df03f4ad697dab361b https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://usn.ubuntu.com/4226-1 https&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •