USN-4157-2: Linux kernel (HWE) vulnerabilities

USN-4157-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4162-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4162-1 advisory. It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach operations correctly, leading to a...

Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-4157-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4157-2 advisory. USN-4157-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement H...

Ubuntu 19.04 : Linux kernel vulnerabilities (USN-4157-1)

Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-14814, CVE-2019-14815,...

The vulnerability in the driver/drivers/media/usb/dvb-usb/dvb-usb-init.c file of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/media/usb/dvb-usb/dvb-usb-init.c file of the Linux operating system is related to the use of memory after it has been freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2019-15505

drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic which may be remote via usbip or usbredir...

Linux kernel out-of-bounds read vulnerability (CNVD-2019-32350)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. An out-of-bounds read vulnerability exists in drivers/media/usb/dvb-usb/technisat-usb2.c in Linux kernel 5.2.9 and...

DEBIAN-CVE-2019-15213

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver...

UBUNTU-CVE-2019-15213

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver...

CVE-2019-15213

CVE-2019-15213: Linux kernel before 5.2.3 contains a use-after-free in the DVB‑USB driver (drivers/media/usb/dvb-usb/dvb-usb-init.c) triggered by a malicious USB device. The issue is limited to the kernel plasma stack in this component and is mitigated by upgrading to kernel 5.2.3 or newer, per t...

CVE-2019-15213

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver...

kernel security and bug fix update

2.6.32-754.18.2.OL6 - Update genkey bug 25599697 2.6.32-754.18.2 - x86 x86/speculation: Enable Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 - x86 x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 2.6.32-754.18.1 - virt xenbu...

UBUNTU-CVE-2015-9289

In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23...

DEBIAN-CVE-2019-2024

In em28xxunregisterdvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2019-2024

In em28xxunregisterdvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2019-2024

In em28xxunregisterdvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

UBUNTU-CVE-2019-2024

In em28xxunregisterdvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

PT-2019-3112

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.2.3 Description The issue is related to a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. This can lead to a denial of service. Recommendations For Linux...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4071)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4071 advisory. - net: cdcether: fix divide by 0 on bad descriptors Bjorn Mork Orabug: 27841392 CVE-2017-16649 - sysctl: Drop reference added by grabheader in...

Ubuntu 17.10 : linux-raspi2 vulnerabilities (USN-3617-3)

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that a...