kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS

A flaw was found in the Linux kernel. The Wireless configuration API functionality mishandles resource cleanup in nl80211getftmresponderstats function. An attacker able to trigger the resource cleanup code path could use this flaw to crash the system. The highest threat from this vulnerability is...

kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c

A flaw was found in the Linux kernel's mwifiex driver implementation when connecting to other WiFi devices in "Test Mode." A kernel memory leak can occur if an error condition is met during the parameter negotiation. This issue can lead to a denial of service if multiple error conditions meeting...

Input validation

Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU, QCN7605, SDM439, SDX24...

CVE-2019-10620

Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU, QCN7605, SDM439, SDX24...

kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow

A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct or WiFi peer-to-peer driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network...

kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow

A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct or WiFi peer-to-peer driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network...

USN-4319-1: Linux kernel vulnerabilities

It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service kernel memory exhaustion. CVE-2019-19046 Al Viro discovered that the vfs layer in the Linux...

Denial Of Service (DoS)

systemtap is vulnerable to denial of service. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or,...

Information Disclosure

kvm is vulnerable to information disclosure. The vulnerability exists as it was found that some structure padding and reserved fields in certain data structures in QEMU-KVM were not initialized properly before being copied to user-space. A privileged host user with access to "/dev/kvm" could use...

Arbitrary Memory Read

The Linux kernel is vulnerable to arbitrary memory read. A flaw in the IPv6 socket option handling allows a local user to read arbitrary kernel memory...

LSN-0065-1: Kernel Live Patch Security Notice

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 It was discovered that the KVM implementation in the Linux kernel, when...

CVE-2020-1625

The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging IRB is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons processes, leading to an...

CVE-2020-1625

The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging IRB is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons processes, leading to an...

CVE-2020-1625 Junos OS: Kernel memory leak in virtual-memory due to interface flaps

The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging IRB is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons processes, leading to an...

CVE-2020-1625

CVE-2020-1625 describes a kernel memory leak in Junos OS virtual-memory (temp) when IRB is configured with multiple underlay interfaces and one interface flaps, causing DoS through escalating temp memory usage. Affected Junos OS versions span multiple branches (e.g., 16.1, 17.1, 17.2, 17.3, 17.4,...

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-32806)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A buffer overflow vulnerability exists in Samsung mobile devices, which can be exploited by attackers to cause kernel memory corruption...

CVE-2019-3892

A race condition was found between mmgetnotzero/gettaskmm when core dumping tasks. A local attacker is able to exploit race condition where locking of semaphore would allow an attacker to leak kernel memory to userspace...

Ubuntu: Security Advisory (USN-4318-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4320-1: Linux kernel vulnerability

Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory...

Exploit for Use of Uninitialized Resource in Microsoft

CVE-2020-1206 Uninitialized Kernel Memory Read POC c 2020 Z...