A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create other adverse security affects. (CVE-2019-10142) The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel prior to 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. (CVE-2019-11884) If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmf_wowl_nd_results() function. This vulnerability can be exploited by compromised chipsets to compromise the host, or when used in combination with another brcmfmac driver flaw (CVE-2019-9503), can be used remotely. This can result in a remote denial of service (DoS). Due to the nature of the flaw, a remote privilege escalation cannot be fully ruled out. (CVE-2019-9500) A new software page cache side channel attack scenario exists in operating systems that implement the very common 'page cache' caching mechanism. A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be used to reduce effectiveness of cryptographic strength by monitoring algorithmic behavior, infer access patterns of memory to determine code paths taken, and exfiltrate data to a blinded attacker through page-granularity access times as a side-channel. (CVE-2019-5489) A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (CVE-2019-3882)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 3.10 |
||
linux linux kernel 4.14 |
||
linux linux kernel 4.18 |
||
fedoraproject fedora |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 18.10 |
||
canonical ubuntu linux 19.04 |
||
canonical ubuntu linux 14.04 |
||
opensuse leap 42.3 |
||
opensuse leap 15.0 |
||
opensuse leap 15.1 |
||
netapp vasa provider for clustered data ontap |
||
netapp solidfire - |
||
netapp hci management node - |
||
netapp snapprotect - |
||
netapp active iq unified manager for vmware vsphere |
||
netapp virtual storage console for vmware vsphere |
||
netapp storage replication adapter for clustered data ontap for vmware vsphere |
||
netapp cn1610_firmware - |