Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.9
CVSSv2

CVE-2019-9500

Published: 16/01/2020 Updated: 19/01/2023
CVSS v2 Base Score: 7.9 | Impact Score: 10 | Exploitability Score: 5.5
CVSS v3 Base Score: 8.3 | Impact Score: 6 | Exploitability Score: 1.6
VMScore: 706
Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Broadcom

Vulnerability Summary

A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create other adverse security affects. (CVE-2019-10142) The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel prior to 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. (CVE-2019-11884) If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmf_wowl_nd_results() function. This vulnerability can be exploited by compromised chipsets to compromise the host, or when used in combination with another brcmfmac driver flaw (CVE-2019-9503), can be used remotely. This can result in a remote denial of service (DoS). Due to the nature of the flaw, a remote privilege escalation cannot be fully ruled out. (CVE-2019-9500) A new software page cache side channel attack scenario exists in operating systems that implement the very common 'page cache' caching mechanism. A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be used to reduce effectiveness of cryptographic strength by monitoring algorithmic behavior, infer access patterns of memory to determine code paths taken, and exfiltrate data to a blinded attacker through page-granularity access times as a side-channel. (CVE-2019-5489) A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (CVE-2019-3882)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

broadcom brcmfmac driver -

linux linux kernel

Vendor Advisories

Debian CVElist Bug Report Logs: linux-image-4.19.0-4-amd64: CVE-2019-11815
Debian Bug report logs - #928989 linux-image-4190-4-amd64: CVE-2019-11815 Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Jeff Cliff <jeffreycliff@gmailcom> Date: Tue, 14 May 2019 18:39:01 UTC Severity: important Tags: security Found in versions l ...
Debian Security Advisories: DSA-4465-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2019-3846 , CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi (mwifiex) driver, which a local user could use to cause denial of service or the execution of ar ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Red Hat: Important: kernel-alt security and bug fix update
Synopsis Important: kernel-alt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-alt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Amazon Linux AMI: ALAS-2019-1214
A flaw was found in the Linux kernel's freescale hypervisor manager implementation A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation An attacker can use this flaw to crash the system or corrupt memory or, possibly, create other adverse security affects (CVE-2019-10142) The d ...
Amazon Linux 2: ALAS2-2019-1214
A flaw was found in the Linux kernel's freescale hypervisor manager implementation A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation An attacker can use this flaw to crash the system or corrupt memory or, possibly, create other adverse security affects(CVE-2019-10142) A new s ...
Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-hwe, linux-azure vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...

References

CWE-787https://kb.cert.org/vuls/id/166939/https://git.kernel.org/linus/1b5e2423164b3670e8bc9174e4762d297990deffhttps://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.htmlhttps://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928989https://usn.ubuntu.com/3980-1/https://www.kb.cert.org/vuls/id/166939https://alas.aws.amazon.com/ALAS-2019-1214.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook