CVE-2019-25013 – glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding
https://notcve.org/view.php?id=CVE-2019-25013
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. La funcionalidad iconv en la biblioteca GNU C (también se conoce como glibc o libc6) versiones hasta 2.32, cuando se procesan secuencias de entrada multibyte no válidas en la codificación EUC-KR, puede tener una lectura excesiva del búfer. A flaw was found in glibc. When processing input in the EUC-KR encoding, an invalid input sequence could cause glibc to read beyond the end of a buffer, resulting in a segmentation fault. The highest threat from this vulnerability is to system availability. • https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cj • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVE-2019-10219 – hibernate-validator: safeHTML validator allows XSS
https://notcve.org/view.php?id=CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. Una vulnerabilidad fue encontrada en Hibernate-Validator. La anotación del validador SafeHtml no puede sanear apropiadamente las cargas útiles que consisten en código potencialmente malicioso en los comentarios e instrucciones HTML. • https://access.redhat.com/errata/RHSA-2020:0159 https://access.redhat.com/errata/RHSA-2020:0160 https://access.redhat.com/errata/RHSA-2020:0161 https://access.redhat.com/errata/RHSA-2020:0164 https://access.redhat.com/errata/RHSA-2020:0445 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219 https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba0911 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-2215 – Android Kernel Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2019-2215
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095 Un uso de la memoria previamente liberada en el archivo binder.c, permite una elevación de privilegios desde una aplicación en el kernel de Linux. No es requerida una interacción del usuario para explotar esta vulnerabilidad, sin embargo, la explotación necesita de la instalación de una aplicación local maliciosa o una vulnerabilidad separada en una aplicación de red. Producto: Android; ID de Android: A-141720095 Android suffers from a use-after-free vulnerability in the binder driver at /drivers/android/binder.c. Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. • https://www.exploit-db.com/exploits/48129 https://www.exploit-db.com/exploits/47463 https://github.com/timwr/CVE-2019-2215 https://github.com/LIznzn/CVE-2019-2215 https://github.com/ATorNinja/CVE-2019-2215 https://github.com/stevejubx/CVE-2019-2215 https://github.com/c3r34lk1ll3r/CVE-2019-2215 https://github.com/qre0ct/android-kernel-exploitation-ashfaq-CVE-2019-2215 https://github.com/mufidmb38/CVE-2019-2215 https://github.com/Byte-Master-101/CVE-2019-2215 https: • CWE-416: Use After Free •
CVE-2019-16995
https://notcve.org/view.php?id=CVE-2019-16995
In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d. En el kernel de Linux versiones anterior a 5.0.3, se presenta una pérdida de memoria en la función hsr_dev_finalize() en el archivo net/hsr/hsr_device.c si hsr_add_port no puede agregar un puerto, lo que puede causar una denegación de servicio, también se conoce como CID-6caabe7f197d. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.3 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6caabe7f197d3466d238f70915d65301f1716626 https://github.com/torvalds/linux/commit/6caabe7f197d3466d238f70915d65301f1716626 https://security.netapp.com/advisory/ntap-20191031-0005 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2019-14814 – kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS
https://notcve.org/view.php?id=CVE-2019-14814
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Se presenta un desbordamiento de búfer en la región heap de la memoria en el kernel de Linux, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloqueo del sistema) o posiblemente ejecutar código arbitrario. A flaw was found in the Linux kernel’s implementation of the Marvell wifi driver, which can allow a local user who has CAP_NET_ADMIN or administrative privileges to possibly cause a Denial Of Service (DOS) by corrupting memory and possible code execution. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/08/28/1 https://access.redhat.com/errata/RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0328 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •