CVE-2019-14283

Published: 26/07/2019 Updated: 11/08/2019

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.8 | Impact Score: 5.9 | Exploitability Score: 0.9

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

In the Linux kernel prior to 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 77 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...

Several security issues were fixed in the Linux kernel ...

USN 4115-1 introduced a regression in the Linux kernel ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2015-8553 Jan Beulich discovered that CVE-2015-2150 was not completely addressed If a PCI physical function is passed through to a Xen guest, the guest is able to access its memory and I ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2018-20836 chenxiang reported a race condition in libsas, the kernel subsystem supporting Serial Attached SCSI (SAS) devices, which could lead to a use-after-free It is not clear how thi ...

Impact: Moderate Public Date: 2019-07-26 CWE: (CWE-190|CWE-125) Bugzilla: 1734243: CVE-2019-14283 kerne ...

CWE-125 CWE-190 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 https://github.com/torvalds/linux/commit/da99466ac243f15fbba65bd261bfc75ffa1532b6 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=da99466ac243f15fbba65bd261bfc75ffa1532b6 https://www.debian.org/security/2019/dsa-4495 https://seclists.org/bugtraq/2019/Aug/13 https://www.debian.org/security/2019/dsa-4497 https://seclists.org/bugtraq/2019/Aug/18 https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html https://seclists.org/bugtraq/2019/Aug/26 https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html https://usn.ubuntu.com/4114-1/https://usn.ubuntu.com/4117-1/https://usn.ubuntu.com/4116-1/https://usn.ubuntu.com/4115-1/https://usn.ubuntu.com/4118-1/https://security.netapp.com/advisory/ntap-20190905-0002/http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html https://access.redhat.com/errata/RHSA-2020:2522 https://nvd.nist.gov https://usn.ubuntu.com/4116-1/

CVE-2019-14283

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect