8 matches found
CVE-2019-12382
CVE-2019-12382 affects Linux kernels up to 5.1.5 in drm_load_edid_firmware (drm_edid_load.c). There is an unchecked kstrdup of fwstr, which could lead to a denial of service via a NULL pointer dereference and system crash. The description notes the vendor disputes this as a vulnerability because ...
CVE-2019-12380
CVE-2019-12380 is documented in multiple advisories referencing the Linux kernel EFI handling code. The connected sources specify that the vulnerability arises from how the EFI subsystem handles memory allocation failures in the x86 EFI path: phys_efi_set_virtual_address_map in arch/x86/platform/...
CVE-2019-12455
CVE-2019-12455 affects the Linux kernel code path sunxi_divs_clk_setup in sunxi/clk-sunxi.c (through 5.1.5). The issue is an unchecked kstrndup of derived_name, which could lead to a NULL pointer dereference and system crash (DoS). A vendor/field note in the description mentions the problem is di...
CVE-2019-12454
The CVE-2019-12454 vulnerability affects the Linux kernel up to version 5.1.5 in wcd9335_codec_enable_dec (sound/soc/codecs/wcd9335.c). The issue arises because kstrndup is used instead of kmemdup_nul, which could enable an unspecified impact via unknown vectors. The vendor disputes this as a vul...
CVE-2019-12456
CVE-2019-12456 : A local double-fetch vulnerability in the Linux kernel, affecting the MPT3COMMAND path of _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c. The issue arises from reading ioc_number between two kernel reads, allowing a local attacker to trigger a denial of service or potentia...
CVE-2019-12381
CVE-2019-12381 affects the Linux kernel (ip_ra_control in net/ipv4/ip_sockglue.c) up to version 5.1.5. It describes an unchecked kmalloc for new_ra, which could cause a NULL pointer dereference and system crash (DoS). NOTE: some sources dispute this because new_ra is not used if it is NULL. The c...
CVE-2019-12378
CVE-2019-12378 affects the Linux kernel (up to 5.1.5) in ip6_ra_control (net/ipv6/ipv6_sockglue.c). It involves an unchecked kmalloc of new_ra that could lead to a NULL pointer dereference and system crash (DoS). Note: the issue has been disputed as not an issue in some sources. No public patch d...
CVE-2019-12379
The connected Nessus UNPATCHED_CVE_2019_12379 entry confirms CVE-2019-12379 affects Linux kernel code path con_insert_unipair in drivers/tty/vt/consolemap.c (up to kernel 5.1.5) with a memory leak in an ENOMEM/kmalloc scenario. The description explicitly notes this issue is disputed as an actual ...