Lucene search

Aff A700S Firmware Security Vulnerabilities - November 2019

cve

CVE-2019-18805

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unsp...

9.8CVSS

9.1AI Score

0.007EPSS

2019-11-07 02:15 PM

188

cve

CVE-2019-19050

A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.

7.5CVSS

7.5AI Score

0.015EPSS

2019-11-18 06:15 AM

125

cve

CVE-2019-19069

A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.

7.5CVSS

6.8AI Score

0.002EPSS

2019-11-18 06:15 AM

cve

CVE-2019-19318

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

4.4CVSS

6AI Score

0.001EPSS

2019-11-28 12:15 AM

145