CVE-2019-13124

CVE-2019-13124 affects Foxit Reader 9.6.0.25114 and earlier, due to two RecursiveCall bugs in the V8 JavaScript engine that cause uncontrolled recursion, exhausting stack memory in three functions. This is described as a denial of service/crash risk related to stack exhaustion. The connected docu...

Linux kernel information disclosure vulnerability (CNVD-2019-38260)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. An information disclosure vulnerability exists in Linux kernel versions prior to 4.17. An attacker can exploit this...

CVE-2019-16921

In the Linux kernel before 4.17, hnsroceallocucontext in drivers/infiniband/hw/hns/hnsrocemain.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813...

CVE-2019-16921

In the Linux kernel before 4.17, hnsroceallocucontext in drivers/infiniband/hw/hns/hnsrocemain.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813...

Information disclosure

In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized...

CVE-2019-16714

In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized...

UBUNTU-CVE-2019-16714

In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized...

Debian: Security Advisory (DLA-1908-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1908-1 : pump security update

It was discovered that there was an arbitrary code execution vulnerability in the pump BOOTP and DHCP client. When copying the body of the server response, the ethernet packet length could be forged leading to being able to overwrite up to 'ETHFRAMELEN - sizeofipHdr - sizeofudpHdr - sizeofbresp'...

Unspecified vulnerability in Linux kernel (CNVD-2019-38267)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the drivers/scsi/aacraid/commctrl.c file in versions of the Linux kernel prior to 4.13, which stems from aacgethbainfo not...

Unspecified vulnerability in Linux kernel (CNVD-2019-38268)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the drivers/scsi/aacraid/commctrl.c file in versions of the Linux kernel prior to 4.13, which stems from the structure of...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-1924)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-1125: Fix Spectre V1 variant memory disclosure by speculation over the SWAPGS instruction bsc1139358. - CVE-2019-10207: A NULL pointer dereference was possible i...

DEBIAN-CVE-2017-18550

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacgethbainfo does not initialize the hbainfo structure...

CVE-2017-18550

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacgethbainfo does not initialize the hbainfo structure...

DEBIAN-CVE-2017-18549

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacsendrawsrb does not initialize the reply structure...

CVE-2017-18549

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacsendrawsrb does not initialize the reply structure...

UBUNTU-CVE-2017-18550

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacgethbainfo does not initialize the hbainfo structure...

UBUNTU-CVE-2017-18549

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacsendrawsrb does not initialize the reply structure...

CVE-2017-18550

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacgethbainfo does not initialize the hbainfo structure...

CVE-2017-18550

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacgethbainfo does not initialize the hbainfo structure...