CVE-2019-20794

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID...

PT-2020-12910 · Google +2 · Android +2

Name of the Vulnerable Software and Affected Versions: LG mobile devices with Android OS versions 8.0 through 10.0 Description: An issue was discovered that allows an attacker to gain privileges due to improper exception handling in the MTK kernel. Recommendations: For Android OS versions 8.0...

CVE-2020-11669

An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idlebook3s.S does not have save/restore functionality for PNVPOWERSAVEAMR, PNVPOWERSAVEUAMOR, and PNVPOWERSAVEAMOR, aka CID-53a712bae5dd...

CVE-2020-11608

An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511modeinitregs and ov518modeinitregs when there are zero endpoints, aka CID-998912346c0d...

CVE-2020-11565

An issue was discovered in the Linux kernel through 5.6.2. mpolparsestr in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability...

W1.fi hostapd CAM table denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CA...

CVE-2019-2266

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

CVE-2019-18809

A memory leak in the af9005identifystate function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service memory consumption, aka CID-2289adbfa559...

CVE-2019-18805

An issue was discovered in net/ipv4/sysctlnetipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcpinput.c signed integer overflow in tcpackupdatertt when userspace writes a very large integer to /proc/sys/net/ipv4/tcpminrttwlen, leading to a denial of service or possibly unspecified...

CVE-2019-18680

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rdstcpkillsock in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0...

CVE-2019-15921

An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idralloc fails in genlregisterfamily in net/netlink/genetlink.c...

UBUNTU-CVE-2019-15922

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if allocdisk fails in drivers/block/paride/pf.c...

CVE-2019-15212

An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver...

CVE-2017-18551

An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2csmbusxferemulated...

CVE-2019-12455

An issue was discovered in sunxidivsclksetup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derivedname, which might allow an attacker to cause a denial of service NULL pointer dereference and system crash. NOTE: This id is disputed as not...

Null pointer dereference

DISPUTED An issue was discovered in ipracontrol in net/ipv4/ipsockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of newra, which might allow an attacker to cause a denial of service NULL pointer dereference and system crash. NOTE: this is disputed because newra is never...

CVE-2019-12379

An issue was discovered in coninsertunipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue...

August 30, 2018—KB4343889 (OS Build 15063.1292)

August 30, 2018—KB4343889 OS Build 15063.1292 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that causes win32kfull.sys to stop working Stop 3B when cancelling journal...

SUSE-SU-2018:3332-1 Security update for xen

This update for xen fixes the following issues: - CVE-2018-17963: qemudeliverpacketiov accepted packet sizes greater than INTMAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. bsc1111014 - CVE-2018-15468: The DEBUGCTL MSR contains several debugging...

CVE-2018-14614

An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in removedirtysegment in fs/f2fs/segment.c when mounting an f2fs image...