Page 694 of 3683 results (0.015 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c. En el kernel de Linux versión 5.0.21, montar una imagen del sistema de archivos btrfs diseñada puede conllevar a un acceso de escritura fuera de límites en la función index_rbio_pages en el archivo fs/btrfs/raid56.c. • https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19378 https://security.netapp.com/advisory/ntap-20200103-0001 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. En el kernel de Linux versión 5.0.21, montar una imagen de sistema de archivos btrfs diseñada, realizar algunas operaciones y desmontarlas puede conllevar a un uso de la memoria previamente liberada en la función btrfs_queue_work en el archivo fs/btrfs/async-thread.c. • https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19377 https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html https://security.netapp.com/advisory/ntap-20200103-0001 https://usn.ubuntu.com/4367-1 https://usn.ubuntu.com/4369-1 https://usn.ubuntu.com/4414-1 • CWE-416: Use After Free •

CVSS: 10.0EPSS: 2%CPEs: 13EXPL: 0

A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html https://access.redhat.com/errata/RHSA-2020:0204 https://access.redhat.com/errata/RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0374 https://access.redhat.com/errata/RHSA- • CWE-122: Heap-based Buffer Overflow CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 0

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA. Se encontró un desbordamiento de búfer en la región stack de la memoria en el kernel de Linux, versión kernel-2.6.32, en el controlador del chip WiFi de Marvell. Un atacante es capaz de causar una denegación de servicio (bloqueo del sistema) o, posiblemente, ejecutar código arbitrario, cuando una STA funciona en modo IBSS (permite conectar estaciones juntas sin el uso de un AP) y se conecta a otra STA. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14897 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://lists.fedoraproject.org/archives/list& • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 1%CPEs: 15EXPL: 0

A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code. Se detectó un desbordamiento de búfer en la región heap de la memoria en el kernel de Linux, todas las versiones 3.x.x y versiones 4.x.x anteriores a 4.18.0, en el controlador del chip WiFi de Marvell. El fallo podría presentarse cuando la estación intenta una negociación de conexión durante el manejo de la configuración country de dispositivos remotos. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html https://access.redhat.com/errata/RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0374 https://access.redhat.com/errata/RHSA-2020:0375 https://access.redhat.com/errata/RHSA- • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •