DEBIAN-CVE-2019-19064

A memory leak in the fsllpspiprobe function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering pmruntimegetsync failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because a...

DEBIAN-CVE-2019-19054

A memory leak in the cx23888irprobe function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering kfifoalloc failures, aka CID-a7b2df76b42b...

UBUNTU-CVE-2019-19064

A memory leak in the fsllpspiprobe function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering pmruntimegetsync failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because a...

Linux kernel memory leak vulnerability (CNVD-2019-41270)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory disclosure vulnerability exists in the ca8210probe function in drivers/net/ieee802154/ca8210.c in Linux kern...

Linux kernel memory leak vulnerability (CNVD-2019-41267)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the spigpioprobe function in drivers/spi/spi-gpio.c in Linux kernel 5.3.11 and...

Linux kernel memory leak vulnerability (CNVD-2019-41262)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the fsllpspiprobe function in drivers/spi/spi-fsl-lpspi.c in Linux kernel 5.3.1...

CVE-2019-16948

An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. In any POST request, one can replace the port number at WebServiceLocation=http://localhost:8085/UCWebServices/ with a range of ports to determine what is visible on the internal network as opposed to what general web traffic would see...

Linux kernel memory leak vulnerability (CNVD-2019-40135)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the dwc3pciprobe function in drivers/usb/dwc3/dwc3-pci.c in Linux kernel 5.3.9...

DEBIAN-CVE-2019-18813

A memory leak in the dwc3pciprobe function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service memory consumption by triggering platformdeviceaddproperties failures, aka CID-9bbfceea12a8...

kernel: oob memory read in hso_probe in drivers/net/usb/hso.c

A flaw was found in the Linux kernel in the function hsoprobe which reads ifnum value from the USB device as an u8 and uses it without a length check to index an array, resulting in an OOB memory read in hsoprobe or hsogetconfigdata. An attacker with a forged USB device and physical access to a...

kernel: oob memory read in hso_probe in drivers/net/usb/hso.c

A flaw was found in the Linux kernel in the function hsoprobe which reads ifnum value from the USB device as an u8 and uses it without a length check to index an array, resulting in an OOB memory read in hsoprobe or hsogetconfigdata. An attacker with a forged USB device and physical access to a...

The vulnerabilities of the microprogramming software for Cisco Small Business routers of the 250, 350, 350X, 550X series, as well as the virtual machines used for setting up and controlling wired and wireless networks by Cisco FindIT Network Probe, allow attackers to increase their privileges.

The vulnerability of the microprogramming software for Cisco Small Business routers of the 250, 350, 350X, 550X series, as well as the Cisco FindIT Network Probe software for configuring and controlling wired and wireless networks, is related to the presence of a hard-coded pair of open/closed ke...

CVE-2019-10161

It was discovered that libvirtd would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of...

PT-2019-4098 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.11 Description: The issue is related to a memory leak in the cx23888 ir probe function, which can lead to uncontrolled resource consumption. This can be exploited by a remote attacker to cause a denial of...

PT-2019-4204 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.11 Description: The issue is related to two memory leaks in the rtl usb probe function in the Linux kernel, which can cause a denial of service due to memory consumption. This can be exploited by attackers t...

PT-2019-4207 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.3.11 Description: A memory leak in the spi gpio probe function in drivers/spi/spi-gpio.c allows attackers to cause a denial of service by triggering devm add action or reset failures. This issue is disputed by...

PT-2019-4229 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.3.11 Description: The issue is related to a memory leak in the fsl lpspi probe function in the Linux kernel, which can cause a denial of service due to memory consumption. This can be triggered by failures in p...

PT-2019-4416 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.8 Description: A memory leak in the ca8210 probe function allows attackers to cause a denial of service by triggering ca8210 get platform data failures. This issue is related to uncontrolled resource...

The vulnerability of the usb_audio_probe function in the Linux operating system allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the usbaudioprobe function in the Linux kernel’s sound/usb/card.c file is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure due to the use of a malicious USB Sound device...

CVE-2019-14238

On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated with a debug probe via the Instruction Tightly Coupled Memory ITCM bus...