PT-2019-6310 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel version 5.2.14 Description: The issue is related to a NULL pointer dereference in the Linux kernel, specifically in the radeon display driver. This occurs because the alloc workqueue return value is not checked, potentially leadi...

Linux kernel null pointer dereference vulnerability (CNVD-2019-31655)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A null pointer dereference vulnerability exists in fm10kinitmodule in drivers/net/ethernet/intel/fm10k/fm10kmain.c in versions of Linux kernel prior to 5.0.11. The...

Linux kernel memory leak vulnerability (CNVD-2019-31647)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. Linux kernel versions prior to 5.0.6 have a memory leak vulnerability in net/netlink/genetlink.c when idralloc of genlregisterfamily fails. No details of the...

Linux kernel null pointer dereference vulnerability (CNVD-2019-31656)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A null pointer dereference vulnerability exists in the cd data structure in versions of Linux kernel prior to 5.0.9 when allocdisk in drivers/block/paride/pf.c fails. ...

DEBIAN-CVE-2019-15924

An issue was discovered in the Linux kernel before 5.0.11. fm10kinitmodule in drivers/net/ethernet/intel/fm10k/fm10kmain.c has a NULL pointer dereference because there is no -ENOMEM upon an allocworkqueue failure...

CVE-2019-15923

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if allocdisk fails in drivers/block/paride/pf.c...

UBUNTU-CVE-2019-15924

An issue was discovered in the Linux kernel before 5.0.11. fm10kinitmodule in drivers/net/ethernet/intel/fm10k/fm10kmain.c has a NULL pointer dereference because there is no -ENOMEM upon an allocworkqueue failure...

UBUNTU-CVE-2019-15922

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if allocdisk fails in drivers/block/paride/pf.c...

UBUNTU-CVE-2019-15923

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if allocdisk fails in drivers/block/paride/pf.c...

Important: Red Hat Security Advisory: procps-ng security update

An update for procps-ng is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

OPENSUSE-SU-2019:0346-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk to version jdk8u201 icedtea 3.11.0 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl bsc1122293. - CVE-2018-11212: Fixed an issue in allocsarray function in jmemmgr.c bsc1122299. Complete list of...

SUSE-SU-2019:0604-1 Security update for java-1_7_1-ibm

This update for java-171-ibm to version 7.1.4.40 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl bsc1122293. - CVE-2018-11212: Fixed an issue in allocsarray function in jmemmgr.c bsc1122299. More information:...

Denial Of Service

gc is vulnerable to denial of service DoS. It is possible due to lack of parameter sanitization, allowing the attacker to pass malicious input to the alloc and calloc routines...

CVE-2018-11987

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic...

CVE-2018-11987

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic...

nodejs: Denial of Service by calling Buffer.fill() or Buffer.alloc() with specially crafted parameters

It was found that the Buffer.fill and Buffer.alloc function may hang. An attacker able to control the input of these function could use this flaw to cause a denial of service...

EulerOS Virtualization 2.5.1 : procps-ng (EulerOS-SA-2018-1274)

According to the versions of the procps-ng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - procps-ng, procps: Integer overflows leading to heap overflow in file2strvec.CVE-2018-1124 - procps-ng, procps: incorrect integ...

CVE-2018-14775

tssalloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service system crash due to incorrect I/O port access control on the i386 architecture...

Joyent Node.js Denial of Service Vulnerability

Joyent Node.js is the United States Joyent company's set of web applications built on top of the Google V8 JavaScript engine platform. The platform is primarily used for building highly scalable applications and writing code that can handle tens of thousands of simultaneous connections to a singl...

RHEL 7 : procps-ng (RHSA-2018:1700)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1700 advisory. - procps-ng, procps: Integer overflows leading to heap overflow in file2strvec CVE-2018-1124 - procps-ng, procps: incorrect integer size in...