Vulnerabilites related to netapp - hci_baseboard_management_controller
Vulnerability from fkie_nvd
Published
2022-04-03 21:15
Modified
2024-11-21 06:57
Summary
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
References
cve@mitre.orghttps://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646Patch, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2022/07/msg00000.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20220513-0001/Third Party Advisory
cve@mitre.orghttps://www.debian.org/security/2022/dsa-5127Third Party Advisory
cve@mitre.orghttps://www.debian.org/security/2022/dsa-5173Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2022/07/msg00000.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20220513-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2022/dsa-5127Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2022/dsa-5173Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "63CEA1F5-F935-4664-88B3-3433F56FFB8B",
                     versionEndIncluding: "5.17.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                     matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                     matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300e:*:*:*:*:*:*:*",
                     matchCriteriaId: "50E61C0A-01CA-4031-B4E0-D814E1D9CFCC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500e:*:*:*:*:*:*:*",
                     matchCriteriaId: "8173DC0C-B9BB-4055-95B6-45EB08A3D923",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700e:*:*:*:*:*:*:*",
                     matchCriteriaId: "14BCD5F2-E3FD-4877-8C93-5EF96008A287",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.",
      },
      {
         lang: "es",
         value: "La función ems_usb_start_xmit en el archivo drivers/net/can/usb/ems_usb.c en el kernel de Linux versiones hasta 5.17.1, presenta una doble liberación",
      },
   ],
   id: "CVE-2022-28390",
   lastModified: "2024-11-21T06:57:17.090",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-04-03T21:15:08.163",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220513-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2022/dsa-5127",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2022/dsa-5173",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220513-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2022/dsa-5127",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2022/dsa-5173",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-415",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-09-21 08:15
Modified
2024-11-21 07:22
Summary
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
References
cve@mitre.orghttp://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.htmlThird Party Advisory, VDB Entry
cve@mitre.orghttp://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.htmlPatch, Third Party Advisory
cve@mitre.orghttps://bugs.chromium.org/p/project-zero/issues/detail?id=2347Exploit, Issue Tracking, Mailing List, Patch, Third Party Advisory
cve@mitre.orghttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3Release Notes, Vendor Advisory
cve@mitre.orghttps://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2Patch, Vendor Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2022/11/msg00001.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20230214-0008/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugs.chromium.org/p/project-zero/issues/detail?id=2347Exploit, Issue Tracking, Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2022/11/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20230214-0008/Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A11C747-E62B-4C31-9CF5-61DFDE2E7028",
                     versionEndExcluding: "5.4.211",
                     versionStartIncluding: "5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2BF720F-C5EE-4DE2-9BDF-CE4CFBC767F4",
                     versionEndExcluding: "5.10.137",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "79D13C82-E06F-4A70-A3D1-C09494FBC94D",
                     versionEndExcluding: "5.12.18",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "853187F6-707A-487B-95C0-621B5211B43C",
                     versionEndExcluding: "5.13.3",
                     versionStartIncluding: "5.13",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "902B8056-9E37-443B-8905-8AA93E2447FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "359012F1-2C63-415A-88B8-6726A87830DE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.",
      },
      {
         lang: "es",
         value: "El archivo mm/mremap.c en el kernel de Linux versiones anteriores a 5.13.3, presenta un uso de memoria previamente liberada por medio de un TLB obsoleto porque un bloqueo rmap no es mantenido durante un movimiento PUD",
      },
   ],
   id: "CVE-2022-41222",
   lastModified: "2024-11-21T07:22:51.743",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-09-21T08:15:09.047",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=2347",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230214-0008/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=2347",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230214-0008/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-18 06:15
Modified
2024-11-21 04:34
Summary
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.htmlThird Party Advisory
cve@mitre.orghttps://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177Patch, Third Party Advisory
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4525-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4526-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4527-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4525-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4526-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4527-1/Third Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
fedoraproject fedora 30
fedoraproject fedora 31
opensuse leap 15.1
netapp active_iq_unified_manager -
netapp aff_baseboard_management_controller -
netapp cloud_backup -
netapp data_availability_services -
netapp e-series_santricity_os_controller 11.0
netapp e-series_santricity_os_controller 11.0.0
netapp e-series_santricity_os_controller 11.20
netapp e-series_santricity_os_controller 11.25
netapp e-series_santricity_os_controller 11.30
netapp e-series_santricity_os_controller 11.30.5r3
netapp e-series_santricity_os_controller 11.40
netapp e-series_santricity_os_controller 11.40.3r2
netapp e-series_santricity_os_controller 11.40.5
netapp e-series_santricity_os_controller 11.50.1
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.60
netapp e-series_santricity_os_controller 11.60.0
netapp e-series_santricity_os_controller 11.60.1
netapp e-series_santricity_os_controller 11.60.3
netapp e-series_santricity_os_controller 11.70.1
netapp e-series_santricity_os_controller 11.70.2
netapp fas\/aff_baseboard_management_controller -
netapp hci_baseboard_management_controller h610s
netapp solidfire\,_enterprise_sds_\&_hci_storage_node -
netapp solidfire_\&_hci_management_node -
netapp steelstore_cloud_integrated_storage -
broadcom brocade_fabric_operating_system_firmware -
netapp hci_compute_node_firmware -
netapp hci_compute_node -
netapp solidfire_baseboard_management_controller_firmware -
netapp solidfire_baseboard_management_controller -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB2904AC-AD7A-498D-8619-CBB421E9165D",
                     versionEndIncluding: "5.3.11",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "902B8056-9E37-443B-8905-8AA93E2447FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                     matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                     matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0ADE5D-F91D-4E0D-B6C5-3511B19665F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AF71C49-ADEF-4EE2-802C-6159ADD51355",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "24377899-5389-4BDC-AC82-0E4186F4DE53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FE83DE-AE7C-4313-88E3-886110C31302",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
                     matchCriteriaId: "490B327B-AC20-419B-BB76-8AB6971304BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CA74E8B-51E2-4A7C-8A98-0583D31134A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B64AB37-A1D9-4163-A51B-4C780361F1F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BE9C9D7-9CED-4184-A190-1024A6FB8C82",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "B73D4C3C-A511-4E14-B19F-91F561ACB1B8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
                     matchCriteriaId: "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
                     matchCriteriaId: "039C3790-5AA2-4895-AEAE-CC84A71DB907",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4592238-D1F2-43D6-9BAB-2F63ECF9C965",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA78068-80E9-4E49-9056-88EAB7E3682C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "092F366C-E8B0-4BE5-B106-0B7A73B08D34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7992E92-B159-4810-B895-01A9B944058A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F921BC85-568E-4B69-A3CD-CF75C76672F1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.",
      },
      {
         lang: "es",
         value: "Una pérdida de memoria en la función cx23888_ir_probe() en el archivo drivers/media/pci/cx23885/cx23888-ir.c en el kernel de Linux versiones hasta la versión 5.3.11, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la función de kfifo_alloc(), también se conoce como CID-a7b2df76b42b.",
      },
   ],
   id: "CVE-2019-19054",
   lastModified: "2024-11-21T04:34:05.090",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 4.7,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:M/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.4,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 4.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-18T06:15:11.967",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4525-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4526-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4527-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4525-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4526-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4527-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-12-24 00:15
Modified
2024-11-21 04:35
Summary
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
References
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2019/12/24/1Mailing List, Third Party Advisory
cve@mitre.orghttps://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9Patch, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20200204-0002/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4284-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4285-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4427-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4485-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/12/24/1Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200204-0002/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4284-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4285-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4427-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4485-1/Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2BB5C122-1D76-4254-B523-5A7026CE8526",
                     versionEndIncluding: "5.4.6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0DA944C-4992-424D-BC82-474585DAC5DF",
                     versionEndIncluding: "11.70.2",
                     versionStartIncluding: "11.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:aff_baseboard_management_controller:a700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "804B2D7C-D890-4C4C-8A76-1760552E11BC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.",
      },
      {
         lang: "es",
         value: "En el kernel de Linux versiones hasta 5.4.6, se presenta un filtrado de información de la memoria no inicializada hacia un dispositivo USB en el archivo controlador drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c, también se conoce como CID-da2311a6385c.",
      },
   ],
   id: "CVE-2019-19947",
   lastModified: "2024-11-21T04:35:43.153",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 2.1,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "NONE",
               baseScore: 4.6,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 0.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-12-24T00:15:10.963",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2019/12/24/1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4284-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4285-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4427-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4485-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2019/12/24/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4284-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4285-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4427-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4485-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-908",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-05-05 07:15
Modified
2024-11-21 05:00
Summary
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.htmlMailing List, Third Party Advisory, VDB Entry
cve@mitre.orghttps://bugzilla.kernel.org/show_bug.cgi?id=207225Exploit, Issue Tracking, Vendor Advisory
cve@mitre.orghttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7Release Notes, Vendor Advisory
cve@mitre.orghttps://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02Patch, Third Party Advisory
cve@mitre.orghttps://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02Patch, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20200608-0001/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4387-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4388-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4389-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.htmlMailing List, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.kernel.org/show_bug.cgi?id=207225Exploit, Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200608-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4387-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4388-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4389-1/Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A297BA06-0F48-41A8-86AE-C59682E062FA",
                     versionEndExcluding: "4.19.118",
                     versionStartIncluding: "4.18",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6EFF949-D686-4BFC-A1AC-AB04BFD2ABB4",
                     versionEndExcluding: "5.4.35",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA9191E1-E0BF-43FA-BE45-00A613F9B341",
                     versionEndExcluding: "5.6.7",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610c:*:*:*:*:*:*:*",
                     matchCriteriaId: "78BE572F-45C1-467F-918F-FB1276F6B495",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h615c:*:*:*:*:*:*:*",
                     matchCriteriaId: "646FFC2B-6DC4-4BD8-AAE0-81895D397700",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:aff_baseboard_management_controller:a700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "804B2D7C-D890-4C4C-8A76-1760552E11BC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.",
      },
      {
         lang: "es",
         value: "Se detectó un problema en el kernel de Linux versiones anteriores a 5.6.7. En la función xdp_umem_reg en el archivo net/xdp/xdp_umem.c se presenta una escritura fuera de límites (por un usuario con la capacidad CAP_NET_ADMIN) debido a una falta de comprobación del headroom.",
      },
   ],
   id: "CVE-2020-12659",
   lastModified: "2024-11-21T05:00:00.760",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-05-05T07:15:11.057",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Vendor Advisory",
         ],
         url: "https://bugzilla.kernel.org/show_bug.cgi?id=207225",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4387-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4388-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4389-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Vendor Advisory",
         ],
         url: "https://bugzilla.kernel.org/show_bug.cgi?id=207225",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4387-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4388-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4389-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-01 13:15
Modified
2024-11-21 07:58
Summary
A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96F47CB7-A27F-4316-BBC3-15AE6B5A0734",
                     versionEndExcluding: "6.0.11",
                     versionStartIncluding: "5.19",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation.\n\nBoth io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability.\n\nWe recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.\n\n",
      },
   ],
   id: "CVE-2023-2236",
   lastModified: "2024-11-21T07:58:12.760",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "cve-coordination@google.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-01T13:15:44.850",
   references: [
      {
         source: "cve-coordination@google.com",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9d94c04c0db024922e886c9fd429659f22f48ea4",
      },
      {
         source: "cve-coordination@google.com",
         tags: [
            "Exploit",
            "Patch",
         ],
         url: "https://kernel.dance/9d94c04c0db024922e886c9fd429659f22f48ea4",
      },
      {
         source: "cve-coordination@google.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230601-0010/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9d94c04c0db024922e886c9fd429659f22f48ea4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
         ],
         url: "https://kernel.dance/9d94c04c0db024922e886c9fd429659f22f48ea4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230601-0010/",
      },
   ],
   sourceIdentifier: "cve-coordination@google.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "cve-coordination@google.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-02-26 23:15
Modified
2024-11-21 07:51
Summary
In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "031BD5BC-9E38-498A-95A0-B6CA8ED82039",
                     versionEndExcluding: "4.9.334",
                     versionStartIncluding: "2.6.12",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "424802D2-E9E7-48A9-AD6F-DF2227B3D83A",
                     versionEndExcluding: "4.14.300",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5C69A12-68E2-400E-9A5A-375A673C8402",
                     versionEndExcluding: "4.19.267",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94D21814-3051-4860-AB06-C7880A3D4933",
                     versionEndExcluding: "5.4.225",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "24FDE7A3-F8EF-4339-A725-9F238448BCFD",
                     versionEndExcluding: "5.10.156",
                     versionStartIncluding: "5.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "51BBEF3B-79F5-4D4C-ADBA-F34DA0E2465C",
                     versionEndExcluding: "5.15.80",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "64F9ADD1-3ADB-4D66-A00F-4A83010B05F0",
                     versionEndExcluding: "6.0.10",
                     versionStartIncluding: "5.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.",
      },
   ],
   id: "CVE-2023-26607",
   lastModified: "2024-11-21T07:51:51.047",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-02-26T23:15:10.947",
   references: [
      {
         source: "cve@mitre.org",
         url: "https://bugzilla.suse.com/show_bug.cgi?id=1208703",
      },
      {
         source: "cve@mitre.org",
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36a4d82dddbbd421d2b8e79e1cab68c8126d5075",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Issue Tracking",
         ],
         url: "https://lkml.org/lkml/2023/2/21/1353",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230316-0010/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://bugzilla.suse.com/show_bug.cgi?id=1208703",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36a4d82dddbbd421d2b8e79e1cab68c8126d5075",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
         ],
         url: "https://lkml.org/lkml/2023/2/21/1353",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230316-0010/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-01-13 01:15
Modified
2024-11-21 07:46
Summary
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "61643C98-1E94-411D-9C33-E5B3EA3B2167",
                     versionEndExcluding: "4.14.305",
                     versionStartIncluding: "2.6.35",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "83C4B95C-BD08-4683-A26E-2A65333F2D15",
                     versionEndExcluding: "4.19.272",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "79CA608C-BC5E-4BB5-9250-771AEC44F412",
                     versionEndExcluding: "5.4.231",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A44D9D24-661C-40D4-8735-4CEB1C7C02F2",
                     versionEndExcluding: "5.10.166",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "91C2E92D-CC25-4FBD-8824-56A148119D7E",
                     versionEndExcluding: "5.15.91",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED5B6045-B1D2-4E03-B194-9005A351BCAE",
                     versionEndExcluding: "6.1.9",
                     versionStartIncluding: "5.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
      },
      {
         lang: "es",
         value: "En rndis_query_oid en drivers/net/wireless/rndis_wlan.c en el kernel de Linux hasta 6.1.5, hay un desbordamiento de enteros en una suma.",
      },
   ],
   id: "CVE-2023-23559",
   lastModified: "2024-11-21T07:46:25.230",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-01-13T01:15:10.300",
   references: [
      {
         source: "cve@mitre.org",
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
      },
      {
         source: "cve@mitre.org",
         url: "https://patchwork.kernel.org/project/linux-wireless/patch/20230110173007.57110-1-szymon.heidrich%40gmail.com/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230302-0003/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://patchwork.kernel.org/project/linux-wireless/patch/20230110173007.57110-1-szymon.heidrich%40gmail.com/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230302-0003/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-190",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-06-01 01:15
Modified
2024-11-21 07:58
Summary
A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "38F6F330-91A0-4675-8B90-6F950471A7CC",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.",
      },
      {
         lang: "es",
         value: "Se encontró una falla en el código de registro de búfer fijo para io_uring (io_sqe_buffer_register en io_uring/rsrc.c) en el kernel de Linux que permite el acceso fuera de los límites a la memoria física más allá del final del búfer. Esta falla permite la escalada completa de privilegios locales.",
      },
   ],
   id: "CVE-2023-2598",
   lastModified: "2024-11-21T07:58:54.277",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-06-01T01:15:17.867",
   references: [
      {
         source: "secalert@redhat.com",
         url: "http://www.openwall.com/lists/oss-security/2024/04/24/3",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230703-0006/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2023/05/08/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.openwall.com/lists/oss-security/2024/04/24/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230703-0006/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2023/05/08/3",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-12-08 01:15
Modified
2024-11-21 04:34
Summary
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F394A6D0-32F1-426F-BE11-4C9CA5883518",
                     versionEndExcluding: "3.16.82",
                     versionStartIncluding: "2.6.12",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5795B12-1991-4BF1-81EF-498AF9DE37C7",
                     versionEndExcluding: "4.4.208",
                     versionStartIncluding: "3.17",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA338C2-413C-4694-928F-798698455346",
                     versionEndExcluding: "4.9.208",
                     versionStartIncluding: "4.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A7DBBB3-CCEB-43B0-9C22-4CB65283A61B",
                     versionEndExcluding: "4.14.159",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8BAC67B0-9B43-45EB-81B8-1A8C2FC6A011",
                     versionEndExcluding: "4.19.90",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8660A0D1-7957-4579-AB80-87339F2A165F",
                     versionEndExcluding: "5.3.17",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C217B8EA-00CB-43AF-A799-F96A0A537A4D",
                     versionEndExcluding: "5.4.4",
                     versionStartIncluding: "5.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.",
      },
      {
         lang: "es",
         value: "En el kernel de Linux versión 5.0.21, montando una imagen de sistema de archivos ext4 diseñada, al realizar algunas operaciones y desmontarla puede conllevar a un uso de la memoria previamente liberada en la función ext4_put_super en el archivo fs/ext4/super.c, relacionado con la función dump_orphan_list en el archivo fs/ext4/super.do.",
      },
   ],
   id: "CVE-2019-19447",
   lastModified: "2024-11-21T04:34:45.017",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-12-08T01:15:10.383",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200103-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200103-0001/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-18 06:15
Modified
2024-11-21 04:34
Summary
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.
Impacted products
Vendor Product Version
linux linux_kernel *
netapp active_iq_unified_manager -
netapp aff_baseboard_management_controller -
netapp cloud_backup -
netapp data_availability_services -
netapp e-series_santricity_os_controller 11.0
netapp e-series_santricity_os_controller 11.0.0
netapp e-series_santricity_os_controller 11.20
netapp e-series_santricity_os_controller 11.25
netapp e-series_santricity_os_controller 11.30
netapp e-series_santricity_os_controller 11.30.5r3
netapp e-series_santricity_os_controller 11.40
netapp e-series_santricity_os_controller 11.40.3r2
netapp e-series_santricity_os_controller 11.40.5
netapp e-series_santricity_os_controller 11.50.1
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.60
netapp e-series_santricity_os_controller 11.60.0
netapp e-series_santricity_os_controller 11.60.1
netapp e-series_santricity_os_controller 11.60.3
netapp e-series_santricity_os_controller 11.70.1
netapp e-series_santricity_os_controller 11.70.2
netapp fas\/aff_baseboard_management_controller -
netapp hci_baseboard_management_controller h610s
netapp solidfire\,_enterprise_sds_\&_hci_storage_node -
netapp solidfire_\&_hci_management_node -
netapp steelstore_cloud_integrated_storage -
broadcom brocade_fabric_operating_system_firmware -
netapp hci_compute_node_firmware -
netapp hci_compute_node -
netapp solidfire_baseboard_management_controller_firmware -
netapp solidfire_baseboard_management_controller -
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.10



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DE0A98B-691B-452B-8586-6A95E92C4C98",
                     versionEndExcluding: "5.3.11",
                     versionStartIncluding: "5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0ADE5D-F91D-4E0D-B6C5-3511B19665F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AF71C49-ADEF-4EE2-802C-6159ADD51355",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "24377899-5389-4BDC-AC82-0E4186F4DE53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FE83DE-AE7C-4313-88E3-886110C31302",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
                     matchCriteriaId: "490B327B-AC20-419B-BB76-8AB6971304BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CA74E8B-51E2-4A7C-8A98-0583D31134A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B64AB37-A1D9-4163-A51B-4C780361F1F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BE9C9D7-9CED-4184-A190-1024A6FB8C82",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "B73D4C3C-A511-4E14-B19F-91F561ACB1B8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
                     matchCriteriaId: "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
                     matchCriteriaId: "039C3790-5AA2-4895-AEAE-CC84A71DB907",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4592238-D1F2-43D6-9BAB-2F63ECF9C965",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA78068-80E9-4E49-9056-88EAB7E3682C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "092F366C-E8B0-4BE5-B106-0B7A73B08D34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7992E92-B159-4810-B895-01A9B944058A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F921BC85-568E-4B69-A3CD-CF75C76672F1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.",
      },
      {
         lang: "es",
         value: "Dos pérdidas de memoria en la función v3d_submit_cl_ioctl() en el archivo drivers/gpu/drm/v3d/v3d_gem.c en el kernel de Linux versiones anteriores a la versión 5.3.11, permiten a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la función kcalloc() o v3d_job_init(), también se conoce como CID-29cd13cfd762.",
      },
   ],
   id: "CVE-2019-19044",
   lastModified: "2024-11-21T04:34:03.447",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-18T06:15:11.280",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/29cd13cfd7624726d9e6becbae9aa419ef35af7f",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4225-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/29cd13cfd7624726d9e6becbae9aa419ef35af7f",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4225-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-18 06:15
Modified
2024-11-21 04:34
Summary
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.htmlThird Party Advisory
cve@mitre.orghttp://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory, VDB Entry
cve@mitre.orghttps://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bbPatch, Third Party Advisory
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/
cve@mitre.orghttps://seclists.org/bugtraq/2020/Jan/10Mailing List, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4254-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4254-2/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4284-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4285-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4287-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4287-2/Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bbPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/
af854a3a-2127-422b-91ae-364da2661108https://seclists.org/bugtraq/2020/Jan/10Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4254-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4254-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4284-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4285-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4287-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4287-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
oracle sd-wan_edge 8.2
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.10
fedoraproject fedora 30
fedoraproject fedora 31
opensuse leap 15.1
netapp active_iq_unified_manager -
netapp aff_baseboard_management_controller -
netapp cloud_backup -
netapp data_availability_services -
netapp e-series_santricity_os_controller 11.0
netapp e-series_santricity_os_controller 11.0.0
netapp e-series_santricity_os_controller 11.20
netapp e-series_santricity_os_controller 11.25
netapp e-series_santricity_os_controller 11.30
netapp e-series_santricity_os_controller 11.30.5r3
netapp e-series_santricity_os_controller 11.40
netapp e-series_santricity_os_controller 11.40.3r2
netapp e-series_santricity_os_controller 11.40.5
netapp e-series_santricity_os_controller 11.50.1
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.60
netapp e-series_santricity_os_controller 11.60.0
netapp e-series_santricity_os_controller 11.60.1
netapp e-series_santricity_os_controller 11.60.3
netapp e-series_santricity_os_controller 11.70.1
netapp e-series_santricity_os_controller 11.70.2
netapp fas\/aff_baseboard_management_controller -
netapp hci_baseboard_management_controller h610s
netapp solidfire\,_enterprise_sds_\&_hci_storage_node -
netapp solidfire_\&_hci_management_node -
netapp steelstore_cloud_integrated_storage -
broadcom brocade_fabric_operating_system_firmware -
netapp hci_compute_node_firmware -
netapp hci_compute_node -
netapp solidfire_baseboard_management_controller_firmware -
netapp solidfire_baseboard_management_controller -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB2904AC-AD7A-498D-8619-CBB421E9165D",
                     versionEndIncluding: "5.3.11",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_edge:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C99571-0F3C-43E6-84B3-7D80E045EF8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                     matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                     matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0ADE5D-F91D-4E0D-B6C5-3511B19665F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AF71C49-ADEF-4EE2-802C-6159ADD51355",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "24377899-5389-4BDC-AC82-0E4186F4DE53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FE83DE-AE7C-4313-88E3-886110C31302",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
                     matchCriteriaId: "490B327B-AC20-419B-BB76-8AB6971304BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CA74E8B-51E2-4A7C-8A98-0583D31134A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B64AB37-A1D9-4163-A51B-4C780361F1F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BE9C9D7-9CED-4184-A190-1024A6FB8C82",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "B73D4C3C-A511-4E14-B19F-91F561ACB1B8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
                     matchCriteriaId: "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
                     matchCriteriaId: "039C3790-5AA2-4895-AEAE-CC84A71DB907",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4592238-D1F2-43D6-9BAB-2F63ECF9C965",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA78068-80E9-4E49-9056-88EAB7E3682C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "092F366C-E8B0-4BE5-B106-0B7A73B08D34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7992E92-B159-4810-B895-01A9B944058A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F921BC85-568E-4B69-A3CD-CF75C76672F1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.",
      },
      {
         lang: "es",
         value: "Dos pérdidas de memoria en la función rtl_usb_probe() en el archivo drivers/net/wireless/realtek/rtlwifi/usb.c en el kernel de Linux versiones hasta la versión  5.3.11, permiten a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-3f9361695113.",
      },
   ],
   id: "CVE-2019-19063",
   lastModified: "2024-11-21T04:34:06.637",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 4.9,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "HIGH",
               baseScore: 4.6,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-18T06:15:12.547",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2020/Jan/10",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4254-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4254-2/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4284-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4285-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4287-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4287-2/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2020/Jan/10",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4254-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4254-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4284-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4285-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4287-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4287-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-08 20:15
Modified
2024-11-21 08:02
Summary
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.
References
cve@mitre.orghttp://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.htmlPatch, Third Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2023/05/15/5Mailing List, Third Party Advisory
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=2196105Issue Tracking, Mitigation, Third Party Advisory
cve@mitre.orghttps://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edabMailing List, Patch
cve@mitre.orghttps://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edabPatch
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2023/06/msg00008.htmlThird Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2023/07/msg00030.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://news.ycombinator.com/item?id=35879660Issue Tracking
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20230616-0002/Mailing List, Third Party Advisory
cve@mitre.orghttps://www.debian.org/security/2023/dsa-5402Mailing List, Third Party Advisory
cve@mitre.orghttps://www.openwall.com/lists/oss-security/2023/05/08/4Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2023/05/15/5Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=2196105Issue Tracking, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edabMailing List, Patch
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edabPatch
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2023/06/msg00008.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2023/07/msg00030.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://news.ycombinator.com/item?id=35879660Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20230616-0002/Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2023/dsa-5402Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openwall.com/lists/oss-security/2023/05/08/4Mailing List, Patch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A2D2397-3B9A-44E9-BC19-9C562202EA30",
                     versionEndExcluding: "4.14.315",
                     versionStartIncluding: "3.13",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AC1BC2D-A61C-4368-A3F6-50DF48E2EFC5",
                     versionEndExcluding: "4.19.283",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E54ACEF5-C8C1-4266-85FC-7D513FFD1DEC",
                     versionEndExcluding: "5.4.243",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "78422AC3-CC89-479E-B4BC-62381D8F3564",
                     versionEndExcluding: "5.10.180",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B9DD776-7F17-4F72-B94F-54BFCBC692DD",
                     versionEndExcluding: "5.15.111",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08F855F4-7188-4EE1-BD79-D4B6C7E2EF54",
                     versionEndExcluding: "6.1.28",
                     versionStartIncluding: "5.16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3844A90B-940D-46C3-8D7B-9FF63F1AFC2F",
                     versionEndExcluding: "6.2.15",
                     versionStartIncluding: "6.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "38F6F330-91A0-4675-8B90-6F950471A7CC",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.",
      },
   ],
   id: "CVE-2023-32233",
   lastModified: "2024-11-21T08:02:57.280",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-08T20:15:20.267",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2023/05/15/5",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Mitigation",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=2196105",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
         ],
         url: "https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
         ],
         url: "https://news.ycombinator.com/item?id=35879660",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230616-0002/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2023/dsa-5402",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2023/05/08/4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2023/05/15/5",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Mitigation",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=2196105",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
         ],
         url: "https://news.ycombinator.com/item?id=35879660",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230616-0002/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2023/dsa-5402",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2023/05/08/4",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-02-06 01:15
Modified
2024-11-21 05:39
Summary
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://bugzilla.kernel.org/show_bug.cgi?id=206361Exploit, Issue Tracking, Vendor Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/06/msg00011.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/06/msg00012.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/06/msg00013.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20200924-0004/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4342-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4344-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4345-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4346-1/Third Party Advisory
cve@mitre.orghttps://www.debian.org/security/2020/dsa-4698Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.kernel.org/show_bug.cgi?id=206361Exploit, Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/06/msg00011.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/06/msg00012.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/06/msg00013.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200924-0004/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4342-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4344-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4345-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4346-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2020/dsa-4698Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40157F12-F9F5-4A92-A0FA-213D2809B839",
                     versionEndIncluding: "5.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "83FAD281-BF77-4A8A-8F29-B557A6903BE0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.",
      },
      {
         lang: "es",
         value: "Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2, en la función n_tty_receive_buf_common en el archivo drivers/tty/n_tty.c.",
      },
   ],
   id: "CVE-2020-8648",
   lastModified: "2024-11-21T05:39:11.030",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 3.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-02-06T01:15:10.890",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Vendor Advisory",
         ],
         url: "https://bugzilla.kernel.org/show_bug.cgi?id=206361",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200924-0004/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4342-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4344-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4345-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4346-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2020/dsa-4698",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Vendor Advisory",
         ],
         url: "https://bugzilla.kernel.org/show_bug.cgi?id=206361",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200924-0004/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4342-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4344-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4345-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4346-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2020/dsa-4698",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-18 06:15
Modified
2024-11-21 04:34
Summary
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.10
netapp active_iq_unified_manager -
netapp aff_baseboard_management_controller -
netapp cloud_backup -
netapp data_availability_services -
netapp e-series_santricity_os_controller 11.0
netapp e-series_santricity_os_controller 11.0.0
netapp e-series_santricity_os_controller 11.20
netapp e-series_santricity_os_controller 11.25
netapp e-series_santricity_os_controller 11.30
netapp e-series_santricity_os_controller 11.30.5r3
netapp e-series_santricity_os_controller 11.40
netapp e-series_santricity_os_controller 11.40.3r2
netapp e-series_santricity_os_controller 11.40.5
netapp e-series_santricity_os_controller 11.50.1
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.60
netapp e-series_santricity_os_controller 11.60.0
netapp e-series_santricity_os_controller 11.60.1
netapp e-series_santricity_os_controller 11.60.3
netapp e-series_santricity_os_controller 11.70.1
netapp e-series_santricity_os_controller 11.70.2
netapp fas\/aff_baseboard_management_controller -
netapp hci_baseboard_management_controller h610s
netapp solidfire\,_enterprise_sds_\&_hci_storage_node -
netapp solidfire_\&_hci_management_node -
netapp steelstore_cloud_integrated_storage -
broadcom brocade_fabric_operating_system_firmware -
netapp hci_compute_node_firmware -
netapp hci_compute_node -
netapp solidfire_baseboard_management_controller_firmware -
netapp solidfire_baseboard_management_controller -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7172A3FD-611E-40CA-A6DD-349C9DDAC17A",
                     versionEndExcluding: "4.4.262",
                     versionStartIncluding: "3.9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3BB1DB0-B588-4D26-89CB-F67E73EDA007",
                     versionEndExcluding: "4.9.262",
                     versionStartIncluding: "4.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "712E1CC6-B087-4811-8513-30A6E6DFAEBB",
                     versionEndExcluding: "4.14.192",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "924A83F4-1C2A-4B17-8E73-A155635FC9EA",
                     versionEndExcluding: "4.19.137",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC19B2E4-2B1F-44F3-9944-91396EAC744D",
                     versionEndExcluding: "5.3.9",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0ADE5D-F91D-4E0D-B6C5-3511B19665F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AF71C49-ADEF-4EE2-802C-6159ADD51355",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "24377899-5389-4BDC-AC82-0E4186F4DE53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FE83DE-AE7C-4313-88E3-886110C31302",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
                     matchCriteriaId: "490B327B-AC20-419B-BB76-8AB6971304BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CA74E8B-51E2-4A7C-8A98-0583D31134A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B64AB37-A1D9-4163-A51B-4C780361F1F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BE9C9D7-9CED-4184-A190-1024A6FB8C82",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "B73D4C3C-A511-4E14-B19F-91F561ACB1B8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
                     matchCriteriaId: "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
                     matchCriteriaId: "039C3790-5AA2-4895-AEAE-CC84A71DB907",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4592238-D1F2-43D6-9BAB-2F63ECF9C965",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA78068-80E9-4E49-9056-88EAB7E3682C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "092F366C-E8B0-4BE5-B106-0B7A73B08D34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7992E92-B159-4810-B895-01A9B944058A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F921BC85-568E-4B69-A3CD-CF75C76672F1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.",
      },
      {
         lang: "es",
         value: "Una pérdida de memoria en la función adis_update_scan_mode_burst() en el archivo drivers/iio/imu/adis_buffer.c en el kernel de Linux versiones anteriores a 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-9c0530e898f3.",
      },
   ],
   id: "CVE-2019-19061",
   lastModified: "2024-11-21T04:34:06.290",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-18T06:15:12.403",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4208-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4526-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4208-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4526-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-09-02 05:15
Modified
2024-11-21 07:17
Summary
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
References
cve@mitre.orghttps://bugs.chromium.org/p/project-zero/issues/detail?id=2309Issue Tracking, Patch, Third Party Advisory
cve@mitre.orghttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17Patch, Release Notes, Vendor Advisory
cve@mitre.orghttps://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736Patch, Vendor Advisory
cve@mitre.orghttps://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736Patch, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20230214-0007/Third Party Advisory
cve@mitre.orghttps://www.debian.org/security/2023/dsa-5480Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://bugs.chromium.org/p/project-zero/issues/detail?id=2309Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17Patch, Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20230214-0007/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2023/dsa-5480Third Party Advisory, VDB Entry



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FADC0214-BD61-4A11-B936-B206A73AD588",
                     versionEndExcluding: "5.4.244",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE17DE03-9DE8-4DC5-92CB-D85B24289C74",
                     versionEndExcluding: "5.10.180",
                     versionStartIncluding: "5.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "350B36C3-FE0B-4EE8-A4C3-CF925DCBD809",
                     versionEndExcluding: "5.15.60",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "30793531-9841-4C8F-BED2-AC176CCCF48E",
                     versionEndExcluding: "5.18.17",
                     versionStartIncluding: "5.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en el subsistema KVM x86 en el kernel de Linux versiones anteriores a 5.18.17. Los usuarios invitados no privilegiados pueden comprometer el kernel invitado porque las operaciones de vaciado del TLB son manejadas inapropiadamente en determinadas situaciones de KVM_VCPU_PREEMPTED",
      },
   ],
   id: "CVE-2022-39189",
   lastModified: "2024-11-21T07:17:45.003",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-09-02T05:15:07.693",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=2309",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230214-0007/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.debian.org/security/2023/dsa-5480",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=2309",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230214-0007/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.debian.org/security/2023/dsa-5480",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-18 06:15
Modified
2024-11-21 04:34
Summary
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.htmlThird Party Advisory
cve@mitre.orghttp://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory, VDB Entry
cve@mitre.orghttps://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050cPatch, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/
cve@mitre.orghttps://seclists.org/bugtraq/2020/Jan/10Mailing List, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4254-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4254-2/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4284-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4285-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4287-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4287-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050cPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/
af854a3a-2127-422b-91ae-364da2661108https://seclists.org/bugtraq/2020/Jan/10Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4254-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4254-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4284-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4285-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4287-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4287-2/Third Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.10
debian debian_linux 8.0
fedoraproject fedora 30
fedoraproject fedora 31
opensuse leap 15.1
netapp active_iq_unified_manager -
netapp aff_baseboard_management_controller -
netapp cloud_backup -
netapp data_availability_services -
netapp e-series_santricity_os_controller 11.0
netapp e-series_santricity_os_controller 11.0.0
netapp e-series_santricity_os_controller 11.20
netapp e-series_santricity_os_controller 11.25
netapp e-series_santricity_os_controller 11.30
netapp e-series_santricity_os_controller 11.30.5r3
netapp e-series_santricity_os_controller 11.40
netapp e-series_santricity_os_controller 11.40.3r2
netapp e-series_santricity_os_controller 11.40.5
netapp e-series_santricity_os_controller 11.50.1
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.60
netapp e-series_santricity_os_controller 11.60.0
netapp e-series_santricity_os_controller 11.60.1
netapp e-series_santricity_os_controller 11.60.3
netapp e-series_santricity_os_controller 11.70.1
netapp e-series_santricity_os_controller 11.70.2
netapp fas\/aff_baseboard_management_controller -
netapp hci_baseboard_management_controller h610s
netapp solidfire\,_enterprise_sds_\&_hci_storage_node -
netapp solidfire_\&_hci_management_node -
netapp steelstore_cloud_integrated_storage -
broadcom brocade_fabric_operating_system_firmware -
netapp hci_compute_node_firmware -
netapp hci_compute_node -
netapp solidfire_baseboard_management_controller_firmware -
netapp solidfire_baseboard_management_controller -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB2904AC-AD7A-498D-8619-CBB421E9165D",
                     versionEndIncluding: "5.3.11",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                     matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                     matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0ADE5D-F91D-4E0D-B6C5-3511B19665F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AF71C49-ADEF-4EE2-802C-6159ADD51355",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "24377899-5389-4BDC-AC82-0E4186F4DE53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FE83DE-AE7C-4313-88E3-886110C31302",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
                     matchCriteriaId: "490B327B-AC20-419B-BB76-8AB6971304BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CA74E8B-51E2-4A7C-8A98-0583D31134A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B64AB37-A1D9-4163-A51B-4C780361F1F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BE9C9D7-9CED-4184-A190-1024A6FB8C82",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "B73D4C3C-A511-4E14-B19F-91F561ACB1B8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
                     matchCriteriaId: "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
                     matchCriteriaId: "039C3790-5AA2-4895-AEAE-CC84A71DB907",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4592238-D1F2-43D6-9BAB-2F63ECF9C965",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA78068-80E9-4E49-9056-88EAB7E3682C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "092F366C-E8B0-4BE5-B106-0B7A73B08D34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7992E92-B159-4810-B895-01A9B944058A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F921BC85-568E-4B69-A3CD-CF75C76672F1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.",
      },
      {
         lang: "es",
         value: "Dos fugas de memoria en la función mwifiex_pcie_init_evt_ring() en el archivo drivers/net/wireless/marvell/mwifiex/pcie.c en el kernel de Linux versiones hasta la versión 5.3.11, permiten a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la función mwifiex_map_pci_memory(), también se conoce como CID-d10dcb615c8e.",
      },
   ],
   id: "CVE-2019-19057",
   lastModified: "2024-11-21T04:34:05.587",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 2.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "LOW",
               baseScore: 3.3,
               baseSeverity: "LOW",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-18T06:15:12.140",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050c",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2020/Jan/10",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4254-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4254-2/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4284-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4285-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4287-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4287-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050c",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2020/Jan/10",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4254-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4254-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4284-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4285-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4287-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4287-2/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-18 06:15
Modified
2024-11-21 04:34
Summary
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.htmlThird Party Advisory
cve@mitre.orghttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9Release Notes, Vendor Advisory
cve@mitre.orghttps://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0Patch, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4208-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4210-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4226-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4364-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4208-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4210-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4226-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4364-1/Third Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
netapp active_iq_unified_manager -
netapp aff_baseboard_management_controller -
netapp cloud_backup -
netapp data_availability_services -
netapp e-series_santricity_os_controller 11.0
netapp e-series_santricity_os_controller 11.0.0
netapp e-series_santricity_os_controller 11.20
netapp e-series_santricity_os_controller 11.25
netapp e-series_santricity_os_controller 11.30
netapp e-series_santricity_os_controller 11.30.5r3
netapp e-series_santricity_os_controller 11.40
netapp e-series_santricity_os_controller 11.40.3r2
netapp e-series_santricity_os_controller 11.40.5
netapp e-series_santricity_os_controller 11.50.1
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.60
netapp e-series_santricity_os_controller 11.60.0
netapp e-series_santricity_os_controller 11.60.1
netapp e-series_santricity_os_controller 11.60.3
netapp e-series_santricity_os_controller 11.70.1
netapp e-series_santricity_os_controller 11.70.2
netapp fas\/aff_baseboard_management_controller -
netapp hci_baseboard_management_controller h610s
netapp solidfire\,_enterprise_sds_\&_hci_storage_node -
netapp solidfire_\&_hci_management_node -
netapp steelstore_cloud_integrated_storage -
broadcom brocade_fabric_operating_system_firmware -
netapp hci_compute_node_firmware -
netapp hci_compute_node -
netapp solidfire_baseboard_management_controller_firmware -
netapp solidfire_baseboard_management_controller -
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.04
canonical ubuntu_linux 19.10
opensuse leap 15.1



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1229D50-3DAA-4031-97C9-8FF008A36A5F",
                     versionEndExcluding: "4.4.262",
                     versionStartIncluding: "3.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3BB1DB0-B588-4D26-89CB-F67E73EDA007",
                     versionEndExcluding: "4.9.262",
                     versionStartIncluding: "4.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "33EEBE13-936B-4210-9B09-9D61A6BE9A35",
                     versionEndExcluding: "4.14.226",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2083AEA2-E04A-4A55-996D-5BB40D30417A",
                     versionEndExcluding: "4.19.82",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC19B2E4-2B1F-44F3-9944-91396EAC744D",
                     versionEndExcluding: "5.3.9",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0ADE5D-F91D-4E0D-B6C5-3511B19665F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AF71C49-ADEF-4EE2-802C-6159ADD51355",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "24377899-5389-4BDC-AC82-0E4186F4DE53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FE83DE-AE7C-4313-88E3-886110C31302",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
                     matchCriteriaId: "490B327B-AC20-419B-BB76-8AB6971304BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CA74E8B-51E2-4A7C-8A98-0583D31134A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B64AB37-A1D9-4163-A51B-4C780361F1F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BE9C9D7-9CED-4184-A190-1024A6FB8C82",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "B73D4C3C-A511-4E14-B19F-91F561ACB1B8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
                     matchCriteriaId: "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
                     matchCriteriaId: "039C3790-5AA2-4895-AEAE-CC84A71DB907",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4592238-D1F2-43D6-9BAB-2F63ECF9C965",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA78068-80E9-4E49-9056-88EAB7E3682C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "092F366C-E8B0-4BE5-B106-0B7A73B08D34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7992E92-B159-4810-B895-01A9B944058A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F921BC85-568E-4B69-A3CD-CF75C76672F1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.",
      },
      {
         lang: "es",
         value: "Una pérdida de memoria en la función adis_update_scan_mode_burst() en el archivo drivers/iio/imu/adis_buffer.c en el kernel de Linux versiones anteriores a la versión  5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-9c0530e898f3.",
      },
   ],
   id: "CVE-2019-19060",
   lastModified: "2024-11-21T04:34:06.110",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-18T06:15:12.343",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4208-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4210-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4226-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4364-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4208-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4210-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4226-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4364-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-04-24 21:15
Modified
2024-11-21 07:57
Summary
A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8C645DEF-D909-4D54-B5C9-B07E5B6EDB36",
                     versionEndExcluding: "5.10.157",
                     versionStartIncluding: "5.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "899FBA32-27B2-4660-BC94-C43ED4349EB5",
                     versionEndExcluding: "5.15.81",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA01D181-8E71-42E1-ACF4-7A5B65006EC8",
                     versionEndExcluding: "6.0.11",
                     versionStartIncluding: "5.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.",
      },
   ],
   id: "CVE-2023-2006",
   lastModified: "2024-11-21T07:57:45.160",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-04-24T21:15:09.283",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=2189112",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
         ],
         url: "https://github.com/torvalds/linux/commit/3bcd6c7eaa53",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230609-0004/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-23-439/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=2189112",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://github.com/torvalds/linux/commit/3bcd6c7eaa53",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230609-0004/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-23-439/",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-362",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-362",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-01-06 04:15
Modified
2024-11-21 06:33
Summary
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
References
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2022/01/17/3Mailing List, Patch, Third Party Advisory
cve@mitre.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdfPatch, Third Party Advisory
cve@mitre.orghttps://github.com/libexpat/libexpat/issues/532Exploit, Issue Tracking, Patch, Third Party Advisory
cve@mitre.orghttps://github.com/libexpat/libexpat/pull/538Patch, Third Party Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/202209-24Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20220121-0006/Third Party Advisory
cve@mitre.orghttps://www.debian.org/security/2022/dsa-5073Third Party Advisory
cve@mitre.orghttps://www.tenable.com/security/tns-2022-05Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2022/01/17/3Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdfPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/libexpat/libexpat/issues/532Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/libexpat/libexpat/pull/538Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202209-24Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20220121-0006/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2022/dsa-5073Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2022-05Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A2FBF20-7B2C-49FF-83F8-1EF903078751",
                     versionEndExcluding: "2.4.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610c:*:*:*:*:*:*:*",
                     matchCriteriaId: "78BE572F-45C1-467F-918F-FB1276F6B495",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h615c:*:*:*:*:*:*:*",
                     matchCriteriaId: "646FFC2B-6DC4-4BD8-AAE0-81895D397700",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C42F5145-1F37-40E2-AD83-495F7012BC3D",
                     versionEndExcluding: "8.15.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "112367D4-EF51-4050-834C-7E887A5C52D9",
                     versionEndExcluding: "10.1.1",
                     versionStartIncluding: "10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "98CC9C9A-FE14-4D50-A8EC-C309229356C8",
                     versionEndExcluding: "3.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.",
      },
      {
         lang: "es",
         value: "En la función doProlog en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, se presenta un desbordamiento de enteros para m_groupSize.",
      },
   ],
   id: "CVE-2021-46143",
   lastModified: "2024-11-21T06:33:40.590",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 5.9,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-01-06T04:15:07.017",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libexpat/libexpat/issues/532",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libexpat/libexpat/pull/538",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202209-24",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220121-0006/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2022/dsa-5073",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/tns-2022-05",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libexpat/libexpat/issues/532",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libexpat/libexpat/pull/538",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202209-24",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220121-0006/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2022/dsa-5073",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/tns-2022-05",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-190",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-09-01 21:15
Modified
2024-11-21 06:41
Summary
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27D80EB8-EA85-4256-A8F6-CDFA2F92AE24",
                     versionEndExcluding: "3.3",
                     versionStartIncluding: "3.2.85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF2842FE-71A6-4182-B132-2372CFC813B1",
                     versionEndExcluding: "3.17",
                     versionStartIncluding: "3.16.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B97594C8-AC35-4DF4-82DF-5BF2BCAAA0CE",
                     versionEndExcluding: "3.19",
                     versionStartIncluding: "3.18.54",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E7CEE4C-AE63-4AF4-BE72-1CED351886A3",
                     versionEndExcluding: "4.9.316",
                     versionStartIncluding: "4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBB1A3B4-E46A-4454-A428-85CC0AC925F6",
                     versionEndExcluding: "4.14.281",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "239757EB-B2DF-4DD4-8EEE-97141186DA12",
                     versionEndExcluding: "4.19.245",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87FC1554-2185-4ED6-BF1C-293AA14FFC32",
                     versionEndExcluding: "5.4.196",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0938CFCC-E5F1-4DA3-B727-F2215F6C6BBA",
                     versionEndExcluding: "5.10.118",
                     versionStartIncluding: "5.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "555641B6-5319-4C13-9CC9-50B1CCF9E816",
                     versionEndExcluding: "5.15.42",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D0772F5-6B38-4D6C-B29E-A04E7CC5CB9F",
                     versionEndExcluding: "5.17.10",
                     versionStartIncluding: "5.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.",
      },
      {
         lang: "es",
         value: "Se ha encontrado una condición de carrera en el kernel de Linux en la función perf_event_open() que puede ser explotada por un usuario no privilegiado para conseguir privilegios de root. El bug permite construir varias primitivas de explotación como un filtrado de información de direcciones del kernel, una ejecución arbitraria, etc",
      },
   ],
   id: "CVE-2022-1729",
   lastModified: "2024-11-21T06:41:20.517",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-09-01T21:15:09.057",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230214-0006/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2022/05/20/2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230214-0006/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2022/05/20/2",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-366",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-362",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-01-17 18:15
Modified
2024-11-21 07:23
Summary
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86EFD13-93D4-4385-83E8-C665BE8F570F",
                     versionEndExcluding: "4.9.311",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D9B028C-6313-47F9-94B7-5F8122345E49",
                     versionEndExcluding: "4.14.276",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "712D9B45-4B53-4563-94B5-F758AFBBFB0D",
                     versionEndExcluding: "4.19.239",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0ADBA6D-47D8-4518-8D10-9B9196DE680B",
                     versionEndExcluding: "5.4.190",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40432B48-1E9D-48AE-9C76-22177FC744F8",
                     versionEndExcluding: "5.10.112",
                     versionStartIncluding: "5.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "05ABCC3F-88A9-47F9-9D40-8665747B2E43",
                     versionEndExcluding: "5.15.35",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E22C86CB-06CD-4D16-AB2A-F21EE8199262",
                     versionEndExcluding: "5.17.4",
                     versionStartIncluding: "5.16",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.",
      },
      {
         lang: "es",
         value: "Se encontró una falla en el kernel de Linux. Puede ocurrir una desreferencia de puntero NULL mientras un controlador de deslizamiento está en progreso para desconectarse en sl_tx_timeout en drivers/net/slip/slip.c. Este problema podría permitir que un atacante bloquee el sistema o filtre información interna del kernel.",
      },
   ],
   id: "CVE-2022-41858",
   lastModified: "2024-11-21T07:23:57.000",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-01-17T18:15:11.140",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230223-0006/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230223-0006/",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-04-29 19:15
Modified
2024-11-21 04:59
Summary
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0542D4E3-231E-4A77-86D4-89BC72DCBAB7",
                     versionEndExcluding: "4.19.111",
                     versionStartIncluding: "4.16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "969EAF10-7774-45A4-99A8-E946B33706E6",
                     versionEndExcluding: "5.4.26",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "935FAEA6-8487-40DA-A460-9A459030B182",
                     versionEndExcluding: "5.5.10",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610c:*:*:*:*:*:*:*",
                     matchCriteriaId: "78BE572F-45C1-467F-918F-FB1276F6B495",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h615c:*:*:*:*:*:*:*",
                     matchCriteriaId: "646FFC2B-6DC4-4BD8-AAE0-81895D397700",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:aff_baseboard_management_controller:a700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "804B2D7C-D890-4C4C-8A76-1760552E11BC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.",
      },
      {
         lang: "es",
         value: "Se descubrió un desbordamiento de matriz en la función mt76_add_fragment en el archivo drivers/net/wireless/mediatek/mt76/dma.c en el kernel de Linux versiones anteriores a  la versión 5.5.10, también se conoce como CID-b102f0c522cf. Un paquete de gran tamaño con muchos fragmentos rx puede corromper la memoria de páginas adyacentes.",
      },
   ],
   id: "CVE-2020-12465",
   lastModified: "2024-11-21T04:59:45.510",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-04-29T19:15:12.907",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.10",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b102f0c522cf668c8382c56a4f771b37d011cda2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/b102f0c522cf668c8382c56a4f771b37d011cda2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.10",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b102f0c522cf668c8382c56a4f771b37d011cda2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/b102f0c522cf668c8382c56a4f771b37d011cda2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-06-09 20:15
Modified
2024-11-21 08:16
Summary
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
References
secalert@redhat.comhttps://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4Third Party Advisory
secalert@redhat.comhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7Mailing List, Vendor Advisory
secalert@redhat.comhttps://lists.debian.org/debian-lts-announce/2023/07/msg00030.htmlMailing List, Third Party Advisory, VDB Entry
secalert@redhat.comhttps://lists.debian.org/debian-lts-announce/2023/10/msg00027.htmlMailing List, Third Party Advisory
secalert@redhat.comhttps://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t/
secalert@redhat.comhttps://security.netapp.com/advisory/ntap-20230706-0004/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7Mailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2023/07/msg00030.htmlMailing List, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2023/10/msg00027.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t/
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20230706-0004/Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0100C89-0C53-496C-8024-4D3E991DCAF1",
                     versionEndExcluding: "4.14.316",
                     versionStartIncluding: "2.6.39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9112EE64-11F4-46DB-A041-95118F20F81B",
                     versionEndExcluding: "4.19.284",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "79F47095-8BA3-495A-AED3-2CCA5F2838E6",
                     versionEndExcluding: "5.4.244",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5B1726B-45AA-47F2-9261-6DC963E92248",
                     versionEndExcluding: "5.10.181",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3D5E1B5-AB9D-4ECC-8F11-F3E1BF761E27",
                     versionEndExcluding: "5.15.113",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9430E62-03EA-42E6-9E5E-BD1D5124D107",
                     versionEndExcluding: "6.1.30",
                     versionStartIncluding: "5.16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26C54BF0-3EED-46D4-92A7-5F07F658B49B",
                     versionEndExcluding: "6.3.4",
                     versionStartIncluding: "6.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.",
      },
   ],
   id: "CVE-2023-3141",
   lastModified: "2024-11-21T08:16:32.843",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-06-09T20:15:10.327",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
      },
      {
         source: "secalert@redhat.com",
         url: "https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230706-0004/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230706-0004/",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-18 06:15
Modified
2024-11-21 04:34
Summary
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.htmlThird Party Advisory
cve@mitre.orghttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11Release Notes, Vendor Advisory
cve@mitre.orghttps://github.com/torvalds/linux/commit/fb5be6a7b4863ecc44963bb80ca614584b6c7817Patch, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4225-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4225-2/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4226-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4227-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4227-2/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4228-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4228-2/Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuApr2021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/fb5be6a7b4863ecc44963bb80ca614584b6c7817Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20191205-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4225-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4225-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4226-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4227-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4227-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4228-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4228-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlThird Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
oracle sd-wan_edge 8.2
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.04
canonical ubuntu_linux 19.10
debian debian_linux 8.0
opensuse leap 15.1
netapp active_iq_unified_manager -
netapp aff_baseboard_management_controller -
netapp cloud_backup -
netapp data_availability_services -
netapp e-series_santricity_os_controller 11.0
netapp e-series_santricity_os_controller 11.0.0
netapp e-series_santricity_os_controller 11.20
netapp e-series_santricity_os_controller 11.25
netapp e-series_santricity_os_controller 11.30
netapp e-series_santricity_os_controller 11.30.5r3
netapp e-series_santricity_os_controller 11.40
netapp e-series_santricity_os_controller 11.40.3r2
netapp e-series_santricity_os_controller 11.40.5
netapp e-series_santricity_os_controller 11.50.1
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.60
netapp e-series_santricity_os_controller 11.60.0
netapp e-series_santricity_os_controller 11.60.1
netapp e-series_santricity_os_controller 11.60.3
netapp e-series_santricity_os_controller 11.70.1
netapp e-series_santricity_os_controller 11.70.2
netapp fas\/aff_baseboard_management_controller -
netapp hci_baseboard_management_controller h610s
netapp solidfire\,_enterprise_sds_\&_hci_storage_node -
netapp solidfire_\&_hci_management_node -
netapp steelstore_cloud_integrated_storage -
broadcom brocade_fabric_operating_system_firmware -
netapp hci_compute_node_firmware -
netapp hci_compute_node -
netapp solidfire_baseboard_management_controller_firmware -
netapp solidfire_baseboard_management_controller -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "466E8514-77DE-442B-A416-897414E503AA",
                     versionEndExcluding: "3.16.79",
                     versionStartIncluding: "3.16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FFFFB7E1-E073-4F1D-BE6C-47BC329AB8AB",
                     versionEndExcluding: "4.4.201",
                     versionStartIncluding: "3.17",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07F85281-8267-466C-A6C2-316BB0201848",
                     versionEndExcluding: "4.9.201",
                     versionStartIncluding: "4.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F36AD3D1-719C-427A-B906-E8DA4D38A536",
                     versionEndExcluding: "4.14.154",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "439D2F45-FE93-4C28-9BD9-4289B375BAAB",
                     versionEndExcluding: "4.19.84",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "76866D41-FE21-4B5A-A2A0-DDBA43C04B9C",
                     versionEndExcluding: "5.3.11",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_edge:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C99571-0F3C-43E6-84B3-7D80E045EF8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0ADE5D-F91D-4E0D-B6C5-3511B19665F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AF71C49-ADEF-4EE2-802C-6159ADD51355",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "24377899-5389-4BDC-AC82-0E4186F4DE53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FE83DE-AE7C-4313-88E3-886110C31302",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
                     matchCriteriaId: "490B327B-AC20-419B-BB76-8AB6971304BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CA74E8B-51E2-4A7C-8A98-0583D31134A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B64AB37-A1D9-4163-A51B-4C780361F1F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BE9C9D7-9CED-4184-A190-1024A6FB8C82",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "B73D4C3C-A511-4E14-B19F-91F561ACB1B8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
                     matchCriteriaId: "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
                     matchCriteriaId: "039C3790-5AA2-4895-AEAE-CC84A71DB907",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4592238-D1F2-43D6-9BAB-2F63ECF9C965",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA78068-80E9-4E49-9056-88EAB7E3682C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "092F366C-E8B0-4BE5-B106-0B7A73B08D34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7992E92-B159-4810-B895-01A9B944058A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F921BC85-568E-4B69-A3CD-CF75C76672F1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.",
      },
      {
         lang: "es",
         value: "Una pérdida de memoria en la función gs_can_open() en el archivo drivers/net/can/usb/gs_usb.c en el kernel de Linux versiones anteriores a la versión  5.3.11, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la función usb_submit_urb(), también se conoce como CID -fb5be6a7b486.",
      },
   ],
   id: "CVE-2019-19052",
   lastModified: "2024-11-21T04:34:04.730",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-18T06:15:11.827",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/fb5be6a7b4863ecc44963bb80ca614584b6c7817",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4225-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4225-2/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4226-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4227-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4227-2/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4228-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4228-2/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/fb5be6a7b4863ecc44963bb80ca614584b6c7817",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4225-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4225-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4226-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4227-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4227-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4228-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4228-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-12-22 20:15
Modified
2024-11-21 04:35
Summary
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)
References
cve@mitre.orghttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9Mailing List, Patch, Vendor Advisory
cve@mitre.orghttps://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425Mailing List, Patch, Vendor Advisory
cve@mitre.orghttps://github.com/kubernetes/kubernetes/issues/67577Issue Tracking, Patch, Third Party Advisory
cve@mitre.orghttps://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425Patch, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://relistan.com/the-kernel-may-be-slowing-down-your-appExploit, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20200204-0002/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4226-1/Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/kubernetes/kubernetes/issues/67577Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://relistan.com/the-kernel-may-be-slowing-down-your-appExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200204-0002/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4226-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72AC7518-B872-42E3-A43B-F2D010211A8D",
                     versionEndExcluding: "5.3.9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_edge:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C99571-0F3C-43E6-84B3-7D80E045EF8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0DA944C-4992-424D-BC82-474585DAC5DF",
                     versionEndIncluding: "11.70.2",
                     versionStartIncluding: "11.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:aff_baseboard_management_controller:a700:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E3F452-73D7-465E-BC76-5B0DA75240A9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)",
      },
      {
         lang: "es",
         value: "El archivo kernel/sched/fair.c en el kernel de Linux versiones anteriores a 5.3.9, cuando la función cpu.cfs_quota_us es usada (por ejemplo, con Kubernetes), permite a atacantes causar una denegación de servicio contra aplicaciones no vinculadas a la CPU al generar una carga de trabajo que desencadena vencimiento de corte no deseado, también se conoce como CID-de53fd7aedb1. (En otras palabras, aunque esta caducidad de corte se vería típicamente con cargas de trabajo benignas, es posible que un atacante pueda calcular cuántas peticiones extraviadas se requieren para forzar a un clúster Kubernetes completo a un estado de bajo rendimiento causado por la caducidad de corte, y garantizar que un ataque DDoS envió esa cantidad de peticiones perdidas. Un ataque no afecta la estabilidad del kernel; solo causa una gestión inapropiada de una ejecución de la aplicación).",
      },
   ],
   id: "CVE-2019-19922",
   lastModified: "2024-11-21T04:35:40.277",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 2.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-12-22T20:15:10.823",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/kubernetes/kubernetes/issues/67577",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://relistan.com/the-kernel-may-be-slowing-down-your-app",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4226-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/kubernetes/kubernetes/issues/67577",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://relistan.com/the-kernel-may-be-slowing-down-your-app",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4226-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-02-04 23:15
Modified
2024-11-21 06:37
Summary
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B1595BC-C3BF-4F3C-8BF3-3CF85D767DBB",
                     versionEndExcluding: "5.4.134",
                     versionStartIncluding: "5.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C1E6FB6-53C8-4DC4-8AE5-93094BA39F62",
                     versionEndExcluding: "5.10.52",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34C1A2F4-DD44-4CF1-8FD4-751A0D746A9E",
                     versionEndExcluding: "5.12.19",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F93FA3CC-0C79-410B-A7D7-245C2AA0723A",
                     versionEndExcluding: "5.13.4",
                     versionStartIncluding: "5.13",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*",
                     matchCriteriaId: "71268287-21A8-4488-AA4F-23C473153131",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*",
                     matchCriteriaId: "053C1B35-3869-41C2-9551-044182DE0A64",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300e:*:*:*:*:*:*:*",
                     matchCriteriaId: "50E61C0A-01CA-4031-B4E0-D814E1D9CFCC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500e:*:*:*:*:*:*:*",
                     matchCriteriaId: "8173DC0C-B9BB-4055-95B6-45EB08A3D923",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700e:*:*:*:*:*:*:*",
                     matchCriteriaId: "14BCD5F2-E3FD-4877-8C93-5EF96008A287",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.",
      },
      {
         lang: "es",
         value: "Se encontró un defecto de uso de memoria previamente liberada en la función cgroup1_parse_param en el archivo kernel/cgroup/cgroup-v1.c en el analizador cgroup v1 del kernel de Linux. Un atacante local con un privilegio de usuario podría causar una escalada de privilegios al explotar el parámetro de syscall fsconfig, conllevando a una ruptura del contenedor y una denegación de servicio en el sistema",
      },
   ],
   id: "CVE-2021-4154",
   lastModified: "2024-11-21T06:37:00.750",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2,
            impactScore: 6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-02-04T23:15:12.307",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=2034514",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220225-0004/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=2034514",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220225-0004/",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-04-29 18:15
Modified
2024-11-21 04:59
Summary
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.htmlThird Party Advisory
cve@mitre.orghttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8Release Notes, Vendor Advisory
cve@mitre.orghttps://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912bPatch, Vendor Advisory
cve@mitre.orghttps://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912bPatch, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/06/msg00011.htmlThird Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/06/msg00012.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/06/msg00013.htmlThird Party Advisory
cve@mitre.orghttps://lkml.org/lkml/2020/3/23/52Exploit, Vendor Advisory
cve@mitre.orghttps://patchwork.kernel.org/patch/11463781/Patch, Vendor Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20200608-0001/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4387-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4388-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4389-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4390-1/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/4391-1/Third Party Advisory, VDB Entry
cve@mitre.orghttps://www.debian.org/security/2020/dsa-4698Third Party Advisory, VDB Entry
cve@mitre.orghttps://www.debian.org/security/2020/dsa-4699Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912bPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912bPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/06/msg00011.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/06/msg00012.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/06/msg00013.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lkml.org/lkml/2020/3/23/52Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://patchwork.kernel.org/patch/11463781/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200608-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4387-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4388-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4389-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4390-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4391-1/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2020/dsa-4698Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2020/dsa-4699Third Party Advisory, VDB Entry



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F9567FB-F394-443B-9A95-1DA060A9CCA6",
                     versionEndExcluding: "3.16.85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "37309B4F-90F2-4B13-A8F4-5A9F0FE59052",
                     versionEndExcluding: "4.4.221",
                     versionStartIncluding: "3.17",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "89728144-CE11-450A-A8ED-3C0606DB6806",
                     versionEndExcluding: "4.9.221",
                     versionStartIncluding: "4.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E600389-8ACB-4C7B-A74A-3A8343ACE6D4",
                     versionEndExcluding: "4.14.178",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0FB4B86-B8D8-473E-8D1D-3C058D143AF6",
                     versionEndExcluding: "4.19.119",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0ABDE4F3-29C6-459E-B0B7-751B93447AF0",
                     versionEndExcluding: "5.4.36",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D62C084A-6676-40AF-868A-D90CDFAB7DDD",
                     versionEndExcluding: "5.6.8",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
                     matchCriteriaId: "27227B35-932A-4035-B39F-6A455753C0D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D20B9-166F-423D-8C48-A23D3026E33B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4AD592C-222D-4C6F-B176-8145A1A5AFEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
                     matchCriteriaId: "8603654B-A8A9-4DEB-B0DD-C82E1C885749",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610c:*:*:*:*:*:*:*",
                     matchCriteriaId: "78BE572F-45C1-467F-918F-FB1276F6B495",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h615c:*:*:*:*:*:*:*",
                     matchCriteriaId: "646FFC2B-6DC4-4BD8-AAE0-81895D397700",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "C855C933-F271-45E6-8E85-8D7CF2EF1BE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "855D6A52-F96F-4CA0-A59C-4D42173F22E1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D452B464-1200-4B72-9A89-42DC58486191",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FED1B0D-F901-413A-85D9-05D4C427570D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.",
      },
      {
         lang: "es",
         value: "a función usb_sg_cancel en el archivo drivers/usb/core/message.c en el kernel de Linux versiones anteriores a la versión 5.6.8, tiene un uso de la memoria previamente liberada porque se produce una transferencia sin una referencia, también se conoce como CID-056ad39ee925.",
      },
   ],
   id: "CVE-2020-12464",
   lastModified: "2024-11-21T04:59:45.340",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-04-29T18:15:13.597",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Vendor Advisory",
         ],
         url: "https://lkml.org/lkml/2020/3/23/52",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://patchwork.kernel.org/patch/11463781/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4387-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4388-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4389-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4390-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://usn.ubuntu.com/4391-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.debian.org/security/2020/dsa-4698",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.debian.org/security/2020/dsa-4699",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Vendor Advisory",
         ],
         url: "https://lkml.org/lkml/2020/3/23/52",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://patchwork.kernel.org/patch/11463781/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4387-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4388-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4389-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4390-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://usn.ubuntu.com/4391-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.debian.org/security/2020/dsa-4698",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.debian.org/security/2020/dsa-4699",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-01-01 19:15
Modified
2024-11-21 06:33
Summary
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
References
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2022/01/17/3Exploit, Mailing List, Third Party Advisory
cve@mitre.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=1217609Issue Tracking, Permissions Required, Third Party Advisory
cve@mitre.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdfPatch, Third Party Advisory
cve@mitre.orghttps://github.com/libexpat/libexpat/issues/531Exploit, Issue Tracking, Patch, Third Party Advisory
cve@mitre.orghttps://github.com/libexpat/libexpat/pull/534Patch, Third Party Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/202209-24Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20220121-0004/Third Party Advisory
cve@mitre.orghttps://www.debian.org/security/2022/dsa-5073Issue Tracking, Third Party Advisory
cve@mitre.orghttps://www.tenable.com/security/tns-2022-05Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2022/01/17/3Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=1217609Issue Tracking, Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdfPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/libexpat/libexpat/issues/531Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/libexpat/libexpat/pull/534Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202209-24Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20220121-0004/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2022/dsa-5073Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2022-05Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A2FBF20-7B2C-49FF-83F8-1EF903078751",
                     versionEndExcluding: "2.4.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C42F5145-1F37-40E2-AD83-495F7012BC3D",
                     versionEndExcluding: "8.15.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "112367D4-EF51-4050-834C-7E887A5C52D9",
                     versionEndExcluding: "10.1.1",
                     versionStartIncluding: "10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "98CC9C9A-FE14-4D50-A8EC-C309229356C8",
                     versionEndExcluding: "3.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610c:*:*:*:*:*:*:*",
                     matchCriteriaId: "78BE572F-45C1-467F-918F-FB1276F6B495",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h615c:*:*:*:*:*:*:*",
                     matchCriteriaId: "646FFC2B-6DC4-4BD8-AAE0-81895D397700",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).",
      },
      {
         lang: "es",
         value: "En Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, un desplazamiento a la izquierda por 29 (o más) lugares en la función storeAtts en el archivo xmlparse.c puede conllevar a un comportamiento incorrecto de reasignación (por ejemplo, asignar muy pocos bytes, o sólo liberar memoria).",
      },
   ],
   id: "CVE-2021-45960",
   lastModified: "2024-11-21T06:33:22.270",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "COMPLETE",
               baseScore: 9,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-01-01T19:15:08.030",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Permissions Required",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libexpat/libexpat/issues/531",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libexpat/libexpat/pull/534",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202209-24",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220121-0004/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2022/dsa-5073",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/tns-2022-05",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Permissions Required",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libexpat/libexpat/issues/531",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libexpat/libexpat/pull/534",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202209-24",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220121-0004/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2022/dsa-5073",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/tns-2022-05",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-682",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-18 06:15
Modified
2024-11-21 04:34
Summary
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.
Impacted products
Vendor Product Version
linux linux_kernel *
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.10
netapp active_iq_unified_manager -
netapp aff_baseboard_management_controller -
netapp cloud_backup -
netapp data_availability_services -
netapp e-series_santricity_os_controller 11.0
netapp e-series_santricity_os_controller 11.0.0
netapp e-series_santricity_os_controller 11.20
netapp e-series_santricity_os_controller 11.25
netapp e-series_santricity_os_controller 11.30
netapp e-series_santricity_os_controller 11.30.5r3
netapp e-series_santricity_os_controller 11.40
netapp e-series_santricity_os_controller 11.40.3r2
netapp e-series_santricity_os_controller 11.40.5
netapp e-series_santricity_os_controller 11.50.1
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.50.2
netapp e-series_santricity_os_controller 11.60
netapp e-series_santricity_os_controller 11.60.0
netapp e-series_santricity_os_controller 11.60.1
netapp e-series_santricity_os_controller 11.60.3
netapp e-series_santricity_os_controller 11.70.1
netapp e-series_santricity_os_controller 11.70.2
netapp fas\/aff_baseboard_management_controller -
netapp hci_baseboard_management_controller h610s
netapp solidfire\,_enterprise_sds_\&_hci_storage_node -
netapp solidfire_\&_hci_management_node -
netapp steelstore_cloud_integrated_storage -
broadcom brocade_fabric_operating_system_firmware -
netapp solidfire_baseboard_management_controller_firmware -
netapp solidfire_baseboard_management_controller -
netapp hci_compute_node_firmware -
netapp hci_compute_node -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81529934-E2E4-4EDA-8787-54E9CB8B046D",
                     versionEndExcluding: "5.4.12",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0ADE5D-F91D-4E0D-B6C5-3511B19665F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AF71C49-ADEF-4EE2-802C-6159ADD51355",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "24377899-5389-4BDC-AC82-0E4186F4DE53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FE83DE-AE7C-4313-88E3-886110C31302",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
                     matchCriteriaId: "490B327B-AC20-419B-BB76-8AB6971304BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CA74E8B-51E2-4A7C-8A98-0583D31134A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B64AB37-A1D9-4163-A51B-4C780361F1F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BE9C9D7-9CED-4184-A190-1024A6FB8C82",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "B73D4C3C-A511-4E14-B19F-91F561ACB1B8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
                     matchCriteriaId: "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
                     matchCriteriaId: "039C3790-5AA2-4895-AEAE-CC84A71DB907",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4592238-D1F2-43D6-9BAB-2F63ECF9C965",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA78068-80E9-4E49-9056-88EAB7E3682C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "092F366C-E8B0-4BE5-B106-0B7A73B08D34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7992E92-B159-4810-B895-01A9B944058A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F921BC85-568E-4B69-A3CD-CF75C76672F1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.",
      },
      {
         lang: "es",
         value: "Una pérdida de memoria en la función rpmsg_eptdev_write_iter() en el archivo drivers/rpmsg/rpmsg_char.c en el kernel de Linux versiones hasta la versión 5.3.11, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la función copy_from_iter_full(), también se conoce como CID-bbe692e349e2.",
      },
   ],
   id: "CVE-2019-19053",
   lastModified: "2024-11-21T04:34:04.910",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-18T06:15:11.903",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/bbe692e349e2a1edf3fe0a29a0e05899c9c94d51",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4300-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4301-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/bbe692e349e2a1edf3fe0a29a0e05899c9c94d51",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4300-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4301-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-12-25 04:15
Modified
2024-11-21 04:35
Summary
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE1B441A-7B5E-438A-860F-D760D3A2FBBA",
                     versionEndExcluding: "5.1.6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0DA944C-4992-424D-BC82-474585DAC5DF",
                     versionEndIncluding: "11.70.2",
                     versionStartIncluding: "11.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:fas\\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66EEA3CA-8CC7-4F0B-8204-6132D4114873",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7C6010-F736-4BDA-9E3B-C4370BBFA149",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:aff_baseboard_management_controller:a700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "804B2D7C-D890-4C4C-8A76-1760552E11BC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.",
      },
      {
         lang: "es",
         value: "En el kernel de Linux versiones anteriores a 5.1.6, se presenta un uso de la memoria previamente liberada de la función cpia2_exit() en el archivo drivers/media/usb/cpia2/cpia2_v4l.c que causará una denegación de servicio, también se conoce como CID-dea37a972655.",
      },
   ],
   id: "CVE-2019-19966",
   lastModified: "2024-11-21T04:35:45.820",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 2.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "HIGH",
               baseScore: 4.6,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-12-25T04:15:12.457",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dea37a97265588da604c6ba80160a287b72c7bfd",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dea37a97265588da604c6ba80160a287b72c7bfd",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2019-19947
Vulnerability from cvelistv5
Published
2019-12-23 23:12
Modified
2024-08-05 02:32
Severity ?
Summary
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:32:10.165Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9",
               },
               {
                  name: "[oss-security] 20191224 CVE-2019-19947: Linux kernel can: kvaser_usb: kvaser_usb_leaf: some info-leaks vulnerabilities",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2019/12/24/1",
               },
               {
                  name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
               },
               {
                  name: "USN-4285-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4285-1/",
               },
               {
                  name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
               },
               {
                  name: "USN-4284-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4284-1/",
               },
               {
                  name: "USN-4427-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4427-1/",
               },
               {
                  name: "USN-4485-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4485-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-15T17:06:16",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9",
            },
            {
               name: "[oss-security] 20191224 CVE-2019-19947: Linux kernel can: kvaser_usb: kvaser_usb_leaf: some info-leaks vulnerabilities",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2019/12/24/1",
            },
            {
               name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
            },
            {
               name: "USN-4285-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4285-1/",
            },
            {
               name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
            },
            {
               name: "USN-4284-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4284-1/",
            },
            {
               name: "USN-4427-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4427-1/",
            },
            {
               name: "USN-4485-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4485-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19947",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/da2311a6385c3b499da2ed5d9be59ce331fa93e9",
                  },
                  {
                     name: "[oss-security] 20191224 CVE-2019-19947: Linux kernel can: kvaser_usb: kvaser_usb_leaf: some info-leaks vulnerabilities",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2019/12/24/1",
                  },
                  {
                     name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200204-0002/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
                  },
                  {
                     name: "USN-4285-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4285-1/",
                  },
                  {
                     name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
                  },
                  {
                     name: "USN-4284-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4284-1/",
                  },
                  {
                     name: "USN-4427-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4427-1/",
                  },
                  {
                     name: "USN-4485-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4485-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19947",
      datePublished: "2019-12-23T23:12:42",
      dateReserved: "2019-12-23T00:00:00",
      dateUpdated: "2024-08-05T02:32:10.165Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-12659
Vulnerability from cvelistv5
Published
2020-05-05 06:13
Modified
2024-08-04 12:04
Severity ?
Summary
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T12:04:22.566Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.kernel.org/show_bug.cgi?id=207225",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
               },
               {
                  name: "openSUSE-SU-2020:0801",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
               },
               {
                  name: "USN-4388-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4388-1/",
               },
               {
                  name: "USN-4389-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4389-1/",
               },
               {
                  name: "USN-4387-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4387-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-06-17T17:06:17",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.kernel.org/show_bug.cgi?id=207225",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
            },
            {
               name: "openSUSE-SU-2020:0801",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
            },
            {
               name: "USN-4388-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4388-1/",
            },
            {
               name: "USN-4389-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4389-1/",
            },
            {
               name: "USN-4387-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4387-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-12659",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.kernel.org/show_bug.cgi?id=207225",
                     refsource: "MISC",
                     url: "https://bugzilla.kernel.org/show_bug.cgi?id=207225",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
                  },
                  {
                     name: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
                     refsource: "MISC",
                     url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99e3a236dd43d06c65af0a2ef9cb44306aef6e02",
                  },
                  {
                     name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7",
                     refsource: "MISC",
                     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200608-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
                  },
                  {
                     name: "openSUSE-SU-2020:0801",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
                  },
                  {
                     name: "USN-4388-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4388-1/",
                  },
                  {
                     name: "USN-4389-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4389-1/",
                  },
                  {
                     name: "USN-4387-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4387-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-12659",
      datePublished: "2020-05-05T06:13:15",
      dateReserved: "2020-05-05T00:00:00",
      dateUpdated: "2024-08-04T12:04:22.566Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-8648
Vulnerability from cvelistv5
Published
2020-02-06 00:06
Modified
2024-08-04 10:03
Severity ?
Summary
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T10:03:46.257Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.kernel.org/show_bug.cgi?id=206361",
               },
               {
                  name: "openSUSE-SU-2020:0336",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
               },
               {
                  name: "USN-4344-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4344-1/",
               },
               {
                  name: "USN-4345-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4345-1/",
               },
               {
                  name: "USN-4342-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4342-1/",
               },
               {
                  name: "USN-4346-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4346-1/",
               },
               {
                  name: "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
               },
               {
                  name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
               },
               {
                  name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
               },
               {
                  name: "DSA-4698",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2020/dsa-4698",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200924-0004/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-24T11:06:09",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.kernel.org/show_bug.cgi?id=206361",
            },
            {
               name: "openSUSE-SU-2020:0336",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
            },
            {
               name: "USN-4344-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4344-1/",
            },
            {
               name: "USN-4345-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4345-1/",
            },
            {
               name: "USN-4342-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4342-1/",
            },
            {
               name: "USN-4346-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4346-1/",
            },
            {
               name: "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
            },
            {
               name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
            },
            {
               name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
            },
            {
               name: "DSA-4698",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2020/dsa-4698",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200924-0004/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-8648",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.kernel.org/show_bug.cgi?id=206361",
                     refsource: "MISC",
                     url: "https://bugzilla.kernel.org/show_bug.cgi?id=206361",
                  },
                  {
                     name: "openSUSE-SU-2020:0336",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
                  },
                  {
                     name: "USN-4344-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4344-1/",
                  },
                  {
                     name: "USN-4345-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4345-1/",
                  },
                  {
                     name: "USN-4342-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4342-1/",
                  },
                  {
                     name: "USN-4346-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4346-1/",
                  },
                  {
                     name: "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
                  },
                  {
                     name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
                  },
                  {
                     name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
                  },
                  {
                     name: "DSA-4698",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2020/dsa-4698",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200924-0004/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200924-0004/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-8648",
      datePublished: "2020-02-06T00:06:36",
      dateReserved: "2020-02-06T00:00:00",
      dateUpdated: "2024-08-04T10:03:46.257Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-28390
Vulnerability from cvelistv5
Published
2022-04-03 20:07
Modified
2024-08-03 05:56
Severity ?
Summary
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T05:56:15.238Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646",
               },
               {
                  name: "FEDORA-2022-af492757d9",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/",
               },
               {
                  name: "FEDORA-2022-5cd9d787dc",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/",
               },
               {
                  name: "FEDORA-2022-91633399ff",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/",
               },
               {
                  name: "DSA-5127",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2022/dsa-5127",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20220513-0001/",
               },
               {
                  name: "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
               },
               {
                  name: "DSA-5173",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2022/dsa-5173",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-04T10:11:58",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646",
            },
            {
               name: "FEDORA-2022-af492757d9",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/",
            },
            {
               name: "FEDORA-2022-5cd9d787dc",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/",
            },
            {
               name: "FEDORA-2022-91633399ff",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/",
            },
            {
               name: "DSA-5127",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2022/dsa-5127",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20220513-0001/",
            },
            {
               name: "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
            },
            {
               name: "DSA-5173",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2022/dsa-5173",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-28390",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646",
                  },
                  {
                     name: "FEDORA-2022-af492757d9",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/",
                  },
                  {
                     name: "FEDORA-2022-5cd9d787dc",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/",
                  },
                  {
                     name: "FEDORA-2022-91633399ff",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/",
                  },
                  {
                     name: "DSA-5127",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2022/dsa-5127",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20220513-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20220513-0001/",
                  },
                  {
                     name: "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
                  },
                  {
                     name: "DSA-5173",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2022/dsa-5173",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-28390",
      datePublished: "2022-04-03T20:07:21",
      dateReserved: "2022-04-03T00:00:00",
      dateUpdated: "2024-08-03T05:56:15.238Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-12465
Vulnerability from cvelistv5
Published
2020-04-29 18:52
Modified
2024-08-04 11:56
Severity ?
Summary
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T11:56:52.066Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/b102f0c522cf668c8382c56a4f771b37d011cda2",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b102f0c522cf668c8382c56a4f771b37d011cda2",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.10",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-06-08T12:06:17",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/b102f0c522cf668c8382c56a4f771b37d011cda2",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b102f0c522cf668c8382c56a4f771b37d011cda2",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.10",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-12465",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/b102f0c522cf668c8382c56a4f771b37d011cda2",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/b102f0c522cf668c8382c56a4f771b37d011cda2",
                  },
                  {
                     name: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b102f0c522cf668c8382c56a4f771b37d011cda2",
                     refsource: "MISC",
                     url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b102f0c522cf668c8382c56a4f771b37d011cda2",
                  },
                  {
                     name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.10",
                     refsource: "MISC",
                     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.10",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200608-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-12465",
      datePublished: "2020-04-29T18:52:38",
      dateReserved: "2020-04-29T00:00:00",
      dateUpdated: "2024-08-04T11:56:52.066Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-23559
Vulnerability from cvelistv5
Published
2023-01-13 00:00
Modified
2024-08-02 10:35
Severity ?
Summary
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T10:35:33.175Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://patchwork.kernel.org/project/linux-wireless/patch/20230110173007.57110-1-szymon.heidrich%40gmail.com/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230302-0003/",
               },
               {
                  name: "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
               },
               {
                  name: "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-03-25T00:41:20.856168",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://patchwork.kernel.org/project/linux-wireless/patch/20230110173007.57110-1-szymon.heidrich%40gmail.com/",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230302-0003/",
            },
            {
               name: "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
            },
            {
               name: "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
            },
            {
               url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2023-23559",
      datePublished: "2023-01-13T00:00:00",
      dateReserved: "2023-01-13T00:00:00",
      dateUpdated: "2024-08-02T10:35:33.175Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19053
Vulnerability from cvelistv5
Published
2019-11-18 05:23
Modified
2024-08-05 02:09
Severity ?
Summary
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:09:38.802Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/bbe692e349e2a1edf3fe0a29a0e05899c9c94d51",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
               },
               {
                  name: "USN-4300-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4300-1/",
               },
               {
                  name: "USN-4301-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4301-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-04-02T23:06:02",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/bbe692e349e2a1edf3fe0a29a0e05899c9c94d51",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
            },
            {
               name: "USN-4300-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4300-1/",
            },
            {
               name: "USN-4301-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4301-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19053",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/bbe692e349e2a1edf3fe0a29a0e05899c9c94d51",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/bbe692e349e2a1edf3fe0a29a0e05899c9c94d51",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                  },
                  {
                     name: "USN-4300-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4300-1/",
                  },
                  {
                     name: "USN-4301-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4301-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19053",
      datePublished: "2019-11-18T05:23:51",
      dateReserved: "2019-11-18T00:00:00",
      dateUpdated: "2024-08-05T02:09:38.802Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19061
Vulnerability from cvelistv5
Published
2019-11-18 05:24
Modified
2024-08-05 02:09
Severity ?
Summary
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:09:38.231Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873",
               },
               {
                  name: "USN-4208-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4208-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
               },
               {
                  name: "USN-4526-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4526-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-25T17:06:13",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873",
            },
            {
               name: "USN-4208-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4208-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
            },
            {
               name: "USN-4526-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4526-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19061",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
                     refsource: "MISC",
                     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873",
                  },
                  {
                     name: "USN-4208-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4208-1/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                  },
                  {
                     name: "USN-4526-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4526-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19061",
      datePublished: "2019-11-18T05:24:03",
      dateReserved: "2019-11-18T00:00:00",
      dateUpdated: "2024-08-05T02:09:38.231Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-41858
Vulnerability from cvelistv5
Published
2023-01-17 00:00
Modified
2024-08-03 12:56
Severity ?
Summary
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
Impacted products
Vendor Product Version
n/a Linux kernel Version: unknown
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T12:56:38.264Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230223-0006/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "unknown",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-416",
                     description: "CWE-416",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-02-23T00:00:00",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               url: "https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230223-0006/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2022-41858",
      datePublished: "2023-01-17T00:00:00",
      dateReserved: "2022-09-30T00:00:00",
      dateUpdated: "2024-08-03T12:56:38.264Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-2006
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2024-08-02 06:05
Severity ?
Summary
A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.
Impacted products
Vendor Product Version
n/a Linux kernel's RxRPC network protocol Version: Fixed in kernel v6.1-rc7
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:05:27.118Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2189112",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-23-439/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/3bcd6c7eaa53",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230609-0004/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel's RxRPC network protocol",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Fixed in kernel v6.1-rc7",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-362",
                     description: "CWE-362",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-06-09T00:00:00",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2189112",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-23-439/",
            },
            {
               url: "https://github.com/torvalds/linux/commit/3bcd6c7eaa53",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230609-0004/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-2006",
      datePublished: "2023-04-24T00:00:00",
      dateReserved: "2023-04-12T00:00:00",
      dateUpdated: "2024-08-02T06:05:27.118Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-39189
Vulnerability from cvelistv5
Published
2022-09-02 00:00
Modified
2024-08-03 12:00
Severity ?
Summary
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T12:00:43.761Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=2309",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230214-0007/",
               },
               {
                  name: "DSA-5480",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2023/dsa-5480",
               },
               {
                  name: "[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-10-19T23:06:35.534082",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=2309",
            },
            {
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17",
            },
            {
               url: "https://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736",
            },
            {
               url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230214-0007/",
            },
            {
               name: "DSA-5480",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.debian.org/security/2023/dsa-5480",
            },
            {
               name: "[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-39189",
      datePublished: "2022-09-02T00:00:00",
      dateReserved: "2022-09-02T00:00:00",
      dateUpdated: "2024-08-03T12:00:43.761Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19054
Vulnerability from cvelistv5
Published
2019-11-18 05:23
Modified
2024-08-05 02:09
Severity ?
Summary
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:09:39.134Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177",
               },
               {
                  name: "FEDORA-2019-021c968423",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
               },
               {
                  name: "FEDORA-2019-34a75d7e61",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
               },
               {
                  name: "openSUSE-SU-2020:0336",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
               },
               {
                  name: "USN-4527-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4527-1/",
               },
               {
                  name: "USN-4526-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4526-1/",
               },
               {
                  name: "USN-4525-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4525-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-25T22:06:12",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177",
            },
            {
               name: "FEDORA-2019-021c968423",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
            },
            {
               name: "FEDORA-2019-34a75d7e61",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
            },
            {
               name: "openSUSE-SU-2020:0336",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
            },
            {
               name: "USN-4527-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4527-1/",
            },
            {
               name: "USN-4526-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4526-1/",
            },
            {
               name: "USN-4525-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4525-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19054",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177",
                  },
                  {
                     name: "FEDORA-2019-021c968423",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
                  },
                  {
                     name: "FEDORA-2019-34a75d7e61",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                  },
                  {
                     name: "openSUSE-SU-2020:0336",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
                  },
                  {
                     name: "USN-4527-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4527-1/",
                  },
                  {
                     name: "USN-4526-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4526-1/",
                  },
                  {
                     name: "USN-4525-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4525-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19054",
      datePublished: "2019-11-18T05:23:53",
      dateReserved: "2019-11-18T00:00:00",
      dateUpdated: "2024-08-05T02:09:39.134Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19052
Vulnerability from cvelistv5
Published
2019-11-18 05:23
Modified
2024-08-05 02:09
Severity ?
Summary
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:09:38.573Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "openSUSE-SU-2019:2675",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
               },
               {
                  name: "USN-4228-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4228-1/",
               },
               {
                  name: "USN-4227-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4227-1/",
               },
               {
                  name: "USN-4226-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4226-1/",
               },
               {
                  name: "USN-4225-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4225-1/",
               },
               {
                  name: "USN-4228-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4228-2/",
               },
               {
                  name: "USN-4227-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4227-2/",
               },
               {
                  name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
               },
               {
                  name: "USN-4225-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4225-2/",
               },
               {
                  name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/fb5be6a7b4863ecc44963bb80ca614584b6c7817",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-06-14T17:20:10",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "openSUSE-SU-2019:2675",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
            },
            {
               name: "USN-4228-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4228-1/",
            },
            {
               name: "USN-4227-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4227-1/",
            },
            {
               name: "USN-4226-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4226-1/",
            },
            {
               name: "USN-4225-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4225-1/",
            },
            {
               name: "USN-4228-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4228-2/",
            },
            {
               name: "USN-4227-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4227-2/",
            },
            {
               name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
            },
            {
               name: "USN-4225-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4225-2/",
            },
            {
               name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/fb5be6a7b4863ecc44963bb80ca614584b6c7817",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19052",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "openSUSE-SU-2019:2675",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
                  },
                  {
                     name: "USN-4228-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4228-1/",
                  },
                  {
                     name: "USN-4227-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4227-1/",
                  },
                  {
                     name: "USN-4226-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4226-1/",
                  },
                  {
                     name: "USN-4225-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4225-1/",
                  },
                  {
                     name: "USN-4228-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4228-2/",
                  },
                  {
                     name: "USN-4227-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4227-2/",
                  },
                  {
                     name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
                  },
                  {
                     name: "USN-4225-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4225-2/",
                  },
                  {
                     name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                  },
                  {
                     name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
                     refsource: "MISC",
                     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/fb5be6a7b4863ecc44963bb80ca614584b6c7817",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/fb5be6a7b4863ecc44963bb80ca614584b6c7817",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19052",
      datePublished: "2019-11-18T05:23:50",
      dateReserved: "2019-11-18T00:00:00",
      dateUpdated: "2024-08-05T02:09:38.573Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19063
Vulnerability from cvelistv5
Published
2019-11-18 05:24
Modified
2024-08-05 02:09
Severity ?
Summary
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:09:39.242Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "FEDORA-2019-021c968423",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
               },
               {
                  name: "FEDORA-2019-34a75d7e61",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
               },
               {
                  name: "openSUSE-SU-2019:2675",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
               },
               {
                  name: "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "https://seclists.org/bugtraq/2020/Jan/10",
               },
               {
                  name: "USN-4254-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4254-1/",
               },
               {
                  name: "USN-4254-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4254-2/",
               },
               {
                  name: "USN-4285-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4285-1/",
               },
               {
                  name: "USN-4287-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4287-1/",
               },
               {
                  name: "USN-4287-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4287-2/",
               },
               {
                  name: "USN-4284-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4284-1/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-06-14T17:20:10",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "FEDORA-2019-021c968423",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
            },
            {
               name: "FEDORA-2019-34a75d7e61",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
            },
            {
               name: "openSUSE-SU-2019:2675",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
            },
            {
               name: "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "https://seclists.org/bugtraq/2020/Jan/10",
            },
            {
               name: "USN-4254-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4254-1/",
            },
            {
               name: "USN-4254-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4254-2/",
            },
            {
               name: "USN-4285-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4285-1/",
            },
            {
               name: "USN-4287-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4287-1/",
            },
            {
               name: "USN-4287-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4287-2/",
            },
            {
               name: "USN-4284-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4284-1/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19063",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "FEDORA-2019-021c968423",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
                  },
                  {
                     name: "FEDORA-2019-34a75d7e61",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
                  },
                  {
                     name: "openSUSE-SU-2019:2675",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
                  },
                  {
                     name: "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
                     refsource: "BUGTRAQ",
                     url: "https://seclists.org/bugtraq/2020/Jan/10",
                  },
                  {
                     name: "USN-4254-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4254-1/",
                  },
                  {
                     name: "USN-4254-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4254-2/",
                  },
                  {
                     name: "USN-4285-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4285-1/",
                  },
                  {
                     name: "USN-4287-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4287-1/",
                  },
                  {
                     name: "USN-4287-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4287-2/",
                  },
                  {
                     name: "USN-4284-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4284-1/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19063",
      datePublished: "2019-11-18T05:24:05",
      dateReserved: "2019-11-18T00:00:00",
      dateUpdated: "2024-08-05T02:09:39.242Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-12464
Vulnerability from cvelistv5
Published
2020-04-29 17:59
Modified
2024-08-04 11:56
Severity ?
Summary
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T11:56:52.059Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://patchwork.kernel.org/patch/11463781/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://lkml.org/lkml/2020/3/23/52",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
               },
               {
                  name: "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
               },
               {
                  name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
               },
               {
                  name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
               },
               {
                  name: "DSA-4698",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2020/dsa-4698",
               },
               {
                  name: "DSA-4699",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2020/dsa-4699",
               },
               {
                  name: "openSUSE-SU-2020:0801",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
               },
               {
                  name: "USN-4388-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4388-1/",
               },
               {
                  name: "USN-4389-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4389-1/",
               },
               {
                  name: "USN-4387-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4387-1/",
               },
               {
                  name: "USN-4390-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4390-1/",
               },
               {
                  name: "USN-4391-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4391-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-06-22T21:06:23",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://patchwork.kernel.org/patch/11463781/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://lkml.org/lkml/2020/3/23/52",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
            },
            {
               name: "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
            },
            {
               name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
            },
            {
               name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
            },
            {
               name: "DSA-4698",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2020/dsa-4698",
            },
            {
               name: "DSA-4699",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2020/dsa-4699",
            },
            {
               name: "openSUSE-SU-2020:0801",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
            },
            {
               name: "USN-4388-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4388-1/",
            },
            {
               name: "USN-4389-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4389-1/",
            },
            {
               name: "USN-4387-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4387-1/",
            },
            {
               name: "USN-4390-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4390-1/",
            },
            {
               name: "USN-4391-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4391-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-12464",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://patchwork.kernel.org/patch/11463781/",
                     refsource: "MISC",
                     url: "https://patchwork.kernel.org/patch/11463781/",
                  },
                  {
                     name: "https://lkml.org/lkml/2020/3/23/52",
                     refsource: "MISC",
                     url: "https://lkml.org/lkml/2020/3/23/52",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b",
                  },
                  {
                     name: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b",
                     refsource: "MISC",
                     url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b",
                  },
                  {
                     name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8",
                     refsource: "MISC",
                     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200608-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200608-0001/",
                  },
                  {
                     name: "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
                  },
                  {
                     name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
                  },
                  {
                     name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
                  },
                  {
                     name: "DSA-4698",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2020/dsa-4698",
                  },
                  {
                     name: "DSA-4699",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2020/dsa-4699",
                  },
                  {
                     name: "openSUSE-SU-2020:0801",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
                  },
                  {
                     name: "USN-4388-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4388-1/",
                  },
                  {
                     name: "USN-4389-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4389-1/",
                  },
                  {
                     name: "USN-4387-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4387-1/",
                  },
                  {
                     name: "USN-4390-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4390-1/",
                  },
                  {
                     name: "USN-4391-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4391-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-12464",
      datePublished: "2020-04-29T17:59:51",
      dateReserved: "2020-04-29T00:00:00",
      dateUpdated: "2024-08-04T11:56:52.059Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-2236
Vulnerability from cvelistv5
Published
2023-05-01 12:50
Modified
2024-08-02 06:19
Summary
A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.
Impacted products
Vendor Product Version
Linux Linux Kernel Version: 5.19   < 6.1
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:19:13.600Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "patch",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9d94c04c0db024922e886c9fd429659f22f48ea4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://kernel.dance/9d94c04c0db024922e886c9fd429659f22f48ea4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230601-0010/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               packageName: "kernel",
               product: "Linux Kernel",
               repo: "https://git.kernel.org",
               vendor: "Linux",
               versions: [
                  {
                     lessThan: "6.1",
                     status: "affected",
                     version: "5.19",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2022-11-25T13:54:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation.</p><p>Both&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">io_install_fixed_file</span>&nbsp;and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability.</p><p>We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.</p>",
                  },
               ],
               value: "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation.\n\nBoth io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability.\n\nWe recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.\n\n",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-233",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-233 Privilege Escalation",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-416",
                     description: "CWE-416 Use After Free",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-01T12:50:47.742Z",
            orgId: "14ed7db2-1595-443d-9d34-6215bf890778",
            shortName: "Google",
         },
         references: [
            {
               tags: [
                  "patch",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9d94c04c0db024922e886c9fd429659f22f48ea4",
            },
            {
               url: "https://kernel.dance/9d94c04c0db024922e886c9fd429659f22f48ea4",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230601-0010/",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "Use-after-free in Linux kernel's Performance Events subsystem",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "14ed7db2-1595-443d-9d34-6215bf890778",
      assignerShortName: "Google",
      cveId: "CVE-2023-2236",
      datePublished: "2023-05-01T12:50:47.742Z",
      dateReserved: "2023-04-21T17:43:28.315Z",
      dateUpdated: "2024-08-02T06:19:13.600Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-32233
Vulnerability from cvelistv5
Published
2023-05-08 00:00
Modified
2024-08-02 15:10
Severity ?
Summary
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T15:10:23.978Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2023/05/08/4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://news.ycombinator.com/item?id=35879660",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2196105",
               },
               {
                  name: "DSA-5402",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2023/dsa-5402",
               },
               {
                  name: "[oss-security] 20230515 Re: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2023/05/15/5",
               },
               {
                  name: "[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230616-0002/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html",
               },
               {
                  name: "[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-07-27T00:00:00",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://www.openwall.com/lists/oss-security/2023/05/08/4",
            },
            {
               url: "https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab",
            },
            {
               url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab",
            },
            {
               url: "https://news.ycombinator.com/item?id=35879660",
            },
            {
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2196105",
            },
            {
               name: "DSA-5402",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.debian.org/security/2023/dsa-5402",
            },
            {
               name: "[oss-security] 20230515 Re: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory",
               tags: [
                  "mailing-list",
               ],
               url: "http://www.openwall.com/lists/oss-security/2023/05/15/5",
            },
            {
               name: "[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230616-0002/",
            },
            {
               url: "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html",
            },
            {
               name: "[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2023-32233",
      datePublished: "2023-05-08T00:00:00",
      dateReserved: "2023-05-05T00:00:00",
      dateUpdated: "2024-08-02T15:10:23.978Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-41222
Vulnerability from cvelistv5
Published
2022-09-21 00:00
Modified
2024-08-03 12:35
Severity ?
Summary
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T12:35:49.614Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=2347",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html",
               },
               {
                  name: "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230214-0008/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-02-15T00:00:00",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3",
            },
            {
               url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=2347",
            },
            {
               url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2",
            },
            {
               url: "http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html",
            },
            {
               name: "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230214-0008/",
            },
            {
               url: "http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-41222",
      datePublished: "2022-09-21T00:00:00",
      dateReserved: "2022-09-21T00:00:00",
      dateUpdated: "2024-08-03T12:35:49.614Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-45960
Vulnerability from cvelistv5
Published
2022-01-01 18:47
Modified
2024-08-04 04:54
Severity ?
Summary
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T04:54:31.123Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libexpat/libexpat/issues/531",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libexpat/libexpat/pull/534",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609",
               },
               {
                  name: "[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20220121-0004/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/tns-2022-05",
               },
               {
                  name: "DSA-5073",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2022/dsa-5073",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
               },
               {
                  name: "GLSA-202209-24",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202209-24",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-09-29T16:07:13",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libexpat/libexpat/issues/531",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libexpat/libexpat/pull/534",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609",
            },
            {
               name: "[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20220121-0004/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.tenable.com/security/tns-2022-05",
            },
            {
               name: "DSA-5073",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2022/dsa-5073",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
            },
            {
               name: "GLSA-202209-24",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202209-24",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-45960",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/libexpat/libexpat/issues/531",
                     refsource: "MISC",
                     url: "https://github.com/libexpat/libexpat/issues/531",
                  },
                  {
                     name: "https://github.com/libexpat/libexpat/pull/534",
                     refsource: "MISC",
                     url: "https://github.com/libexpat/libexpat/pull/534",
                  },
                  {
                     name: "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609",
                     refsource: "MISC",
                     url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609",
                  },
                  {
                     name: "[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20220121-0004/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20220121-0004/",
                  },
                  {
                     name: "https://www.tenable.com/security/tns-2022-05",
                     refsource: "CONFIRM",
                     url: "https://www.tenable.com/security/tns-2022-05",
                  },
                  {
                     name: "DSA-5073",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2022/dsa-5073",
                  },
                  {
                     name: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
                     refsource: "CONFIRM",
                     url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
                  },
                  {
                     name: "GLSA-202209-24",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202209-24",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-45960",
      datePublished: "2022-01-01T18:47:46",
      dateReserved: "2022-01-01T00:00:00",
      dateUpdated: "2024-08-04T04:54:31.123Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19966
Vulnerability from cvelistv5
Published
2019-12-25 03:01
Modified
2024-08-05 02:32
Severity ?
Summary
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:32:10.419Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dea37a97265588da604c6ba80160a287b72c7bfd",
               },
               {
                  name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
               },
               {
                  name: "openSUSE-SU-2020:0336",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-03-13T13:06:11",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dea37a97265588da604c6ba80160a287b72c7bfd",
            },
            {
               name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
            },
            {
               name: "openSUSE-SU-2020:0336",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19966",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6",
                     refsource: "MISC",
                     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dea37a97265588da604c6ba80160a287b72c7bfd",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dea37a97265588da604c6ba80160a287b72c7bfd",
                  },
                  {
                     name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200204-0002/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
                  },
                  {
                     name: "openSUSE-SU-2020:0336",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19966",
      datePublished: "2019-12-25T03:01:38",
      dateReserved: "2019-12-25T00:00:00",
      dateUpdated: "2024-08-05T02:32:10.419Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19060
Vulnerability from cvelistv5
Published
2019-11-18 05:24
Modified
2024-08-05 02:09
Severity ?
Summary
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:09:39.600Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0",
               },
               {
                  name: "USN-4208-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4208-1/",
               },
               {
                  name: "USN-4210-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4210-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
               },
               {
                  name: "openSUSE-SU-2019:2675",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
               },
               {
                  name: "USN-4226-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4226-1/",
               },
               {
                  name: "USN-4364-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4364-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-05-21T02:06:08",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0",
            },
            {
               name: "USN-4208-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4208-1/",
            },
            {
               name: "USN-4210-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4210-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
            },
            {
               name: "openSUSE-SU-2019:2675",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
            },
            {
               name: "USN-4226-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4226-1/",
            },
            {
               name: "USN-4364-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4364-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19060",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
                     refsource: "MISC",
                     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0",
                  },
                  {
                     name: "USN-4208-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4208-1/",
                  },
                  {
                     name: "USN-4210-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4210-1/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                  },
                  {
                     name: "openSUSE-SU-2019:2675",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
                  },
                  {
                     name: "USN-4226-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4226-1/",
                  },
                  {
                     name: "USN-4364-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4364-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19060",
      datePublished: "2019-11-18T05:24:01",
      dateReserved: "2019-11-18T00:00:00",
      dateUpdated: "2024-08-05T02:09:39.600Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-1729
Vulnerability from cvelistv5
Published
2022-09-01 00:00
Modified
2024-08-03 00:16
Severity ?
Summary
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
Impacted products
Vendor Product Version
n/a linux kernel Version: linux kernel 5.18 rc9
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T00:16:58.917Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2022/05/20/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230214-0006/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "linux kernel",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "linux kernel 5.18 rc9",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-366",
                     description: "CWE-366",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-02-14T00:00:00",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704",
            },
            {
               url: "https://www.openwall.com/lists/oss-security/2022/05/20/2",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230214-0006/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2022-1729",
      datePublished: "2022-09-01T00:00:00",
      dateReserved: "2022-05-16T00:00:00",
      dateUpdated: "2024-08-03T00:16:58.917Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-3141
Vulnerability from cvelistv5
Published
2023-06-09 00:00
Modified
2024-08-02 06:48
Severity ?
Summary
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
Impacted products
Vendor Product Version
n/a Kernel Version: Kenrel version prior to Kernel 6.4-rc1
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:48:07.922Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230706-0004/",
               },
               {
                  name: "[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html",
               },
               {
                  name: "[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Kernel",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Kenrel version prior to Kernel 6.4-rc1",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-416",
                     description: "CWE-416",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-10-19T23:06:24.549591",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               url: "https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t/",
            },
            {
               url: "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4",
            },
            {
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230706-0004/",
            },
            {
               name: "[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html",
            },
            {
               name: "[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-3141",
      datePublished: "2023-06-09T00:00:00",
      dateReserved: "2023-06-07T00:00:00",
      dateUpdated: "2024-08-02T06:48:07.922Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19447
Vulnerability from cvelistv5
Published
2019-12-08 00:48
Modified
2024-08-05 02:16
Severity ?
Summary
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:16:47.116Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200103-0001/",
               },
               {
                  name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
               },
               {
                  name: "openSUSE-SU-2020:0336",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
               },
               {
                  name: "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
               },
               {
                  name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-06-10T12:04:09",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200103-0001/",
            },
            {
               name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
            },
            {
               name: "openSUSE-SU-2020:0336",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
            },
            {
               name: "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
            },
            {
               name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19447",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447",
                     refsource: "MISC",
                     url: "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200103-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200103-0001/",
                  },
                  {
                     name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
                  },
                  {
                     name: "openSUSE-SU-2020:0336",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html",
                  },
                  {
                     name: "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
                  },
                  {
                     name: "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19447",
      datePublished: "2019-12-08T00:48:36",
      dateReserved: "2019-11-29T00:00:00",
      dateUpdated: "2024-08-05T02:16:47.116Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-26607
Vulnerability from cvelistv5
Published
2023-02-26 00:00
Modified
2024-08-02 11:53
Severity ?
Summary
In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T11:53:54.320Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lkml.org/lkml/2023/2/21/1353",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230316-0010/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36a4d82dddbbd421d2b8e79e1cab68c8126d5075",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugzilla.suse.com/show_bug.cgi?id=1208703",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-03-25T00:41:12.014749",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://lkml.org/lkml/2023/2/21/1353",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230316-0010/",
            },
            {
               url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36a4d82dddbbd421d2b8e79e1cab68c8126d5075",
            },
            {
               url: "https://bugzilla.suse.com/show_bug.cgi?id=1208703",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2023-26607",
      datePublished: "2023-02-26T00:00:00",
      dateReserved: "2023-02-26T00:00:00",
      dateUpdated: "2024-08-02T11:53:54.320Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19057
Vulnerability from cvelistv5
Published
2019-11-18 05:23
Modified
2024-08-05 02:09
Severity ?
Summary
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:09:39.338Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050c",
               },
               {
                  name: "FEDORA-2019-021c968423",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
               },
               {
                  name: "FEDORA-2019-34a75d7e61",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
               },
               {
                  name: "openSUSE-SU-2019:2675",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
               },
               {
                  name: "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "https://seclists.org/bugtraq/2020/Jan/10",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
               },
               {
                  name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
               },
               {
                  name: "USN-4254-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4254-1/",
               },
               {
                  name: "USN-4254-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4254-2/",
               },
               {
                  name: "USN-4285-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4285-1/",
               },
               {
                  name: "USN-4287-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4287-1/",
               },
               {
                  name: "USN-4287-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4287-2/",
               },
               {
                  name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
               },
               {
                  name: "USN-4284-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4284-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-03-02T20:06:22",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050c",
            },
            {
               name: "FEDORA-2019-021c968423",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
            },
            {
               name: "FEDORA-2019-34a75d7e61",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
            },
            {
               name: "openSUSE-SU-2019:2675",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
            },
            {
               name: "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "https://seclists.org/bugtraq/2020/Jan/10",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
            },
            {
               name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
            },
            {
               name: "USN-4254-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4254-1/",
            },
            {
               name: "USN-4254-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4254-2/",
            },
            {
               name: "USN-4285-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4285-1/",
            },
            {
               name: "USN-4287-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4287-1/",
            },
            {
               name: "USN-4287-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4287-2/",
            },
            {
               name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
            },
            {
               name: "USN-4284-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4284-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19057",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050c",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050c",
                  },
                  {
                     name: "FEDORA-2019-021c968423",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/",
                  },
                  {
                     name: "FEDORA-2019-34a75d7e61",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                  },
                  {
                     name: "openSUSE-SU-2019:2675",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
                  },
                  {
                     name: "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
                     refsource: "BUGTRAQ",
                     url: "https://seclists.org/bugtraq/2020/Jan/10",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
                  },
                  {
                     name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
                  },
                  {
                     name: "USN-4254-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4254-1/",
                  },
                  {
                     name: "USN-4254-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4254-2/",
                  },
                  {
                     name: "USN-4285-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4285-1/",
                  },
                  {
                     name: "USN-4287-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4287-1/",
                  },
                  {
                     name: "USN-4287-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4287-2/",
                  },
                  {
                     name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
                  },
                  {
                     name: "USN-4284-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4284-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19057",
      datePublished: "2019-11-18T05:23:57",
      dateReserved: "2019-11-18T00:00:00",
      dateUpdated: "2024-08-05T02:09:39.338Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-4154
Vulnerability from cvelistv5
Published
2022-02-04 22:29
Modified
2024-08-03 17:16
Severity ?
Summary
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.
Impacted products
Vendor Product Version
n/a kernel Version: Fixed in kernel 5.14 rc2
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T17:16:04.485Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2034514",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20220225-0004/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "kernel",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Fixed in kernel 5.14 rc2",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-416",
                     description: "CWE-416",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-02-25T09:06:07",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2034514",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20220225-0004/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2021-4154",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "kernel",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Fixed in kernel 5.14 rc2",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-416",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=2034514",
                     refsource: "MISC",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=2034514",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b",
                  },
                  {
                     name: "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002",
                     refsource: "MISC",
                     url: "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20220225-0004/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20220225-0004/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2021-4154",
      datePublished: "2022-02-04T22:29:17",
      dateReserved: "2021-12-22T00:00:00",
      dateUpdated: "2024-08-03T17:16:04.485Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-46143
Vulnerability from cvelistv5
Published
2022-01-06 03:48
Modified
2024-08-04 05:02
Summary
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T05:02:11.585Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libexpat/libexpat/issues/532",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libexpat/libexpat/pull/538",
               },
               {
                  name: "[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20220121-0006/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/tns-2022-05",
               },
               {
                  name: "DSA-5073",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2022/dsa-5073",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
               },
               {
                  name: "GLSA-202209-24",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202209-24",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-09-29T16:07:00",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libexpat/libexpat/issues/532",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libexpat/libexpat/pull/538",
            },
            {
               name: "[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20220121-0006/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.tenable.com/security/tns-2022-05",
            },
            {
               name: "DSA-5073",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2022/dsa-5073",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
            },
            {
               name: "GLSA-202209-24",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202209-24",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-46143",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/libexpat/libexpat/issues/532",
                     refsource: "MISC",
                     url: "https://github.com/libexpat/libexpat/issues/532",
                  },
                  {
                     name: "https://github.com/libexpat/libexpat/pull/538",
                     refsource: "MISC",
                     url: "https://github.com/libexpat/libexpat/pull/538",
                  },
                  {
                     name: "[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2022/01/17/3",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20220121-0006/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20220121-0006/",
                  },
                  {
                     name: "https://www.tenable.com/security/tns-2022-05",
                     refsource: "CONFIRM",
                     url: "https://www.tenable.com/security/tns-2022-05",
                  },
                  {
                     name: "DSA-5073",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2022/dsa-5073",
                  },
                  {
                     name: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
                     refsource: "CONFIRM",
                     url: "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
                  },
                  {
                     name: "GLSA-202209-24",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202209-24",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-46143",
      datePublished: "2022-01-06T03:48:26",
      dateReserved: "2022-01-06T00:00:00",
      dateUpdated: "2024-08-04T05:02:11.585Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19922
Vulnerability from cvelistv5
Published
2019-12-22 19:07
Modified
2024-08-05 02:32
Severity ?
Summary
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:32:10.074Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-4226-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4226-1/",
               },
               {
                  name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://relistan.com/the-kernel-may-be-slowing-down-your-app",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/kubernetes/kubernetes/issues/67577",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-06-14T17:20:11",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-4226-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4226-1/",
            },
            {
               name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://relistan.com/the-kernel-may-be-slowing-down-your-app",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/kubernetes/kubernetes/issues/67577",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19922",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-4226-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4226-1/",
                  },
                  {
                     name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                  },
                  {
                     name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
                     refsource: "MISC",
                     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425",
                  },
                  {
                     name: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425",
                     refsource: "MISC",
                     url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425",
                  },
                  {
                     name: "https://relistan.com/the-kernel-may-be-slowing-down-your-app",
                     refsource: "MISC",
                     url: "https://relistan.com/the-kernel-may-be-slowing-down-your-app",
                  },
                  {
                     name: "https://github.com/kubernetes/kubernetes/issues/67577",
                     refsource: "MISC",
                     url: "https://github.com/kubernetes/kubernetes/issues/67577",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200204-0002/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200204-0002/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19922",
      datePublished: "2019-12-22T19:07:16",
      dateReserved: "2019-12-22T00:00:00",
      dateUpdated: "2024-08-05T02:32:10.074Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-19044
Vulnerability from cvelistv5
Published
2019-11-18 05:23
Modified
2024-08-05 02:09
Severity ?
Summary
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:09:38.256Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/29cd13cfd7624726d9e6becbae9aa419ef35af7f",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
               },
               {
                  name: "USN-4225-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4225-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-07T05:06:54",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/29cd13cfd7624726d9e6becbae9aa419ef35af7f",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
            },
            {
               name: "USN-4225-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4225-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-19044",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
                     refsource: "MISC",
                     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/29cd13cfd7624726d9e6becbae9aa419ef35af7f",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/29cd13cfd7624726d9e6becbae9aa419ef35af7f",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20191205-0001/",
                  },
                  {
                     name: "USN-4225-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4225-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-19044",
      datePublished: "2019-11-18T05:23:39",
      dateReserved: "2019-11-18T00:00:00",
      dateUpdated: "2024-08-05T02:09:38.256Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-2598
Vulnerability from cvelistv5
Published
2023-06-01 00:00
Modified
2024-08-02 06:26
Severity ?
Summary
A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.
Impacted products
Vendor Product Version
n/a Kernel Version: Kernel prior to 6.4-rc1
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:26:09.892Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2023/05/08/3",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230703-0006/",
               },
               {
                  name: "[oss-security] 20240424 CVE-2024-0582 - Linux kernel use-after-free vulnerability in io_uring, writeup and exploit strategy",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/04/24/3",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Kernel",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Kernel prior to  6.4-rc1",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-416",
                     description: "CWE-416",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-01T18:11:38.879166",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               url: "https://www.openwall.com/lists/oss-security/2023/05/08/3",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230703-0006/",
            },
            {
               name: "[oss-security] 20240424 CVE-2024-0582 - Linux kernel use-after-free vulnerability in io_uring, writeup and exploit strategy",
               tags: [
                  "mailing-list",
               ],
               url: "http://www.openwall.com/lists/oss-security/2024/04/24/3",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-2598",
      datePublished: "2023-06-01T00:00:00",
      dateReserved: "2023-05-09T00:00:00",
      dateUpdated: "2024-08-02T06:26:09.892Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}