CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12381
https://notcve.org/view.php?id=CVE-2019-12381
An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL ** EN DISPUTA ** Un problema fue encontrado en la función ip_ra_control en el archivo net/ipv4/ip_sockglue.c en el kernel de Linux hasta la versión 5.1.5. Hay un kmalloc sin marcar de new_ra, que podría permitir a un atacante generar una Denegación de Servicio (desreferencia de puntero NULL y bloqueo del sistema). NOTA: esto se disputa porque new_ra nunca se usa si es NULL. • http://www.securityfocus.com/bid/108473 https://bugzilla.redhat.com/show_bug.cgi?id=1715501 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=425aa0e1d01513437668fa3d4a971168bbaa8515 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE https://lkml.org/lkml/2019/5/25/230 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12380
https://notcve.org/view.php?id=CVE-2019-12380
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because “All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”. ** EN DISPUTA ** Se descubrió un problema en el subsistema efi en el kernel de Linux hasta la versión 5.1.5. phys_efi_set_virtual_address_map en arch / x86 / platform / efi / efi.c y efi_call_phys_prolog en arch / x86 / platform / efi / efi_64.c manejan mal los errores de asignación de memoria. NOTA: Esta identificación se disputa por no ser un problema porque “Todo el código tocado por el commit referenciado solo se ejecuta en el arranque, antes de que se inicien los procesos del usuario. Por lo tanto, no hay posibilidad de que un usuario sin privilegios lo controle ". • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html http://www.securityfocus.com/bid/108477 https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=4e78921ba4dd0aca1cc89168f45039add4183f8e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://lists.fedo • CWE-388: 7PK - Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12379
https://notcve.org/view.php?id=CVE-2019-12379
An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue * DISPUTADO ** Se descubrió un problema en con_insert_unipair en drivers / tty / vt / consolemap.c en el kernel de Linux hasta 5.1.5. Hay una pérdida de memoria en un caso determinado de un resultado ENOMEM de kmalloc. NOTA: Este ID Se ha cuestionado porque no es un problema. • http://www.securityfocus.com/bid/108478 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next&id=84ecc2f6eb1cb12e6d44818f94fa49b50f06e6ac https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing&id=15b3cd8ef46ad1b100e0d3c7e38774f330726820 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HO • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12378
https://notcve.org/view.php?id=CVE-2019-12378
An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue ** EN DISPUTA ** Un problema fue encontrado en la función ip6_ra_control en el archivo net/pv6 / ipv6_sockglue.c en el kernel de Linux hasta la versión 5.1.5. Hay un kmalloc sin marcar de new_ra, que podría permitir que un atacante provoque una Denegación de Servicio (desreferencia de puntero NULL y bloqueo del sistema). NOTA: Esto ha sido discutido y no es una incidencia. • http://www.securityfocus.com/bid/108475 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=95baa60a0da80a0143e3ddd4d3725758b4513825 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE https://lkml.org/lkml/2019/5/25/229 • CWE-476: NULL Pointer Dereference •
CVSS: 8.3EPSS: 0%CPEs: 5EXPL: 1CVE-2019-9500 – Broadcom brcmfmac driver is vulnerable to a heap buffer overflow
https://notcve.org/view.php?id=CVE-2019-9500
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. • https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html https://git.kernel.org/linus/1b5e2423164b3670e8bc9174e4762d297990deff https://kb.cert.org/vuls/id/166939 https://access.redhat.com/security/cve/CVE-2019-9500 https://bugzilla.redhat.com/show_bug.cgi?id=1701224 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •