DEBIAN-CVE-2019-19047

A memory leak in the mlx5fwfatalreporterdump function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory consumption by triggering mlx5crdumpcollect failures, aka CID-c7ed6d0183d5...

DEBIAN-CVE-2019-19051

A memory leak in the i2400moprfkillswtoggle function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory consumption, aka CID-6f3ef5c25cc7...

CVE-2019-19057

Two memory leaks in the mwifiexpcieinitevtring function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by triggering mwifiexmappcimemory failures, aka CID-d10dcb615c8e...

CVE-2019-19047

A memory leak in the mlx5fwfatalreporterdump function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory consumption by triggering mlx5crdumpcollect failures, aka CID-c7ed6d0183d5...

UBUNTU-CVE-2019-19063

Two memory leaks in the rtlusbprobe function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption, aka CID-3f9361695113...

Linux kernel memory leak vulnerability (CNVD-2019-41276)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory disclosure vulnerability exists in the nfpflowerspawnphyreprs function in...

Linux kernel memory leak vulnerability (CNVD-2019-40152)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the af9005identifystate function in drivers/media/usb/dvb-usb/af9005.c in Linux...

UBUNTU-CVE-2019-18680

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rdstcpkillsock in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0...

PT-2019-4446 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel version 4.9.0 Description: The issue concerns a relative paths injection in directory entry lists within the Linux kernel CIFS implementation. It is caused by incorrect restriction of the directory path name with limited access...

Linux kernel buffer overflow vulnerability (CNVD-2019-29637)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the 'parseaudiomixerunit' function in the sound/usb/mixer.c file in Linux kernel 5.2.9 and earlier. The vulnerability stems...

DEBIAN-CVE-2019-15215

An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2usb.c driver...

Linux Kernel Null Pointer Dereference Vulnerability (CNVD-2019-38263)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A null pointer dereference vulnerability exists in drivers/net/wireless/ath/ath6kl/usb.c in Linux kernel 5.2.8 and...

PT-2019-4477 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.2.10 Description: The issue is related to a use-after-free bug in the Linux kernel, specifically in the drivers/hid/usbhid/hiddev.c driver. This bug can be triggered by a malicious USB device, potentially...

Linux kernel buffer overflow vulnerability (CNVD-2019-25066)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the drivers/net/wireless/iwlwifi/iwl-agn-sta.c file in versions of Linux kernel prior to 3.4. The vulnerability stems from a...

Linux kernel buffer overflow vulnerability (CNVD-2019-38520)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the 'parsehidreportdescriptor' function in the drivers/input/tablet/gtco.c file in Linux kernel 5.2.1 and earlier. The...

PT-2019-4772 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.2.9 Description: The issue is related to an out-of-bounds read in the Linux kernel, specifically in the drivers/media/usb/dvb-usb/technisat-usb2.c component. This can be triggered by crafted USB device traffic,...

Low: Red Hat Security Advisory: kernel-alt security and bug fix update

An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

HiddenWall - Linux Kernel Module Generator For Custom Rules With Netfilter (Block Ports, Hidden Mode, Rootkit Functions, Etc)

HiddenWall is a Linux kernel module generator for custom rules with netfilter. block ports, Hidden mode, rootkit functions etc. The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that bloc...

CVE-2019-2054

In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2019-2054

In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...