cvelistv5 - cve-2019-25160

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/5578de4834fe0f2a34fedc7374be691443396d1f	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/97bc3683c24999ee621d847c9348c75d2fe86272	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c61d01faa5550e06794dcf86125ccd325bfad950	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/dc18101f95fa6e815f426316b8b9a5cee28a334e	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/e3713abc4248aa6bcc11173d754c418b02a62cbb	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/fbf9578919d6c91100ec63acf2cba641383f6c78	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/fcfe700acdc1c72eab231300e82b962bac2b2b2c	Patch

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

ghsa-gj7p-vqfr-xgjw

Vulnerability from github

Published

2024-02-26 18:30

Modified

2024-04-17 18:31

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

netlabel: fix out-of-bounds memory accesses

There are two array out-of-bounds memory accesses, one in cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both errors are embarassingly simple, and the fixes are straightforward.

As a FYI for anyone backporting this patch to kernels prior to v4.8, you'll want to apply the netlbl_bitmap_walk() patch to cipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist before Linux v4.8.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-25160"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-26T18:15:06Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: fix out-of-bounds memory accesses\n\nThere are two array out-of-bounds memory accesses, one in\ncipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk().  Both\nerrors are embarassingly simple, and the fixes are straightforward.\n\nAs a FYI for anyone backporting this patch to kernels prior to v4.8,\nyou\u0027ll want to apply the netlbl_bitmap_walk() patch to\ncipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn\u0027t exist before\nLinux v4.8.",
  "id": "GHSA-gj7p-vqfr-xgjw",
  "modified": "2024-04-17T18:31:31Z",
  "published": "2024-02-26T18:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25160"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5578de4834fe0f2a34fedc7374be691443396d1f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/97bc3683c24999ee621d847c9348c75d2fe86272"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c61d01faa5550e06794dcf86125ccd325bfad950"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dc18101f95fa6e815f426316b8b9a5cee28a334e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e3713abc4248aa6bcc11173d754c418b02a62cbb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fbf9578919d6c91100ec63acf2cba641383f6c78"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fcfe700acdc1c72eab231300e82b962bac2b2b2c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2019-25160

Vulnerability from gsd

Modified

2024-02-27 06:04

Details

In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both errors are embarassingly simple, and the fixes are straightforward. As a FYI for anyone backporting this patch to kernels prior to v4.8, you'll want to apply the netlbl_bitmap_walk() patch to cipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist before Linux v4.8.

Aliases

CVE-2019-25160

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-25160"
      ],
      "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: fix out-of-bounds memory accesses\n\nThere are two array out-of-bounds memory accesses, one in\ncipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk().  Both\nerrors are embarassingly simple, and the fixes are straightforward.\n\nAs a FYI for anyone backporting this patch to kernels prior to v4.8,\nyou\u0027ll want to apply the netlbl_bitmap_walk() patch to\ncipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn\u0027t exist before\nLinux v4.8.",
      "id": "GSD-2019-25160",
      "modified": "2024-02-27T06:04:12.747501Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@kernel.org",
        "ID": "CVE-2019-25160",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Linux",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "446fda4f2682",
                          "version_value": "97bc3683c249"
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected",
                            "versions": [
                              {
                                "status": "affected",
                                "version": "2.6.19"
                              },
                              {
                                "lessThan": "2.6.19",
                                "status": "unaffected",
                                "version": "0",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "3.16.*",
                                "status": "unaffected",
                                "version": "3.16.66",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "3.18.*",
                                "status": "unaffected",
                                "version": "3.18.137",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "4.4.*",
                                "status": "unaffected",
                                "version": "4.4.177",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "4.9.*",
                                "status": "unaffected",
                                "version": "4.9.163",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "4.14.*",
                                "status": "unaffected",
                                "version": "4.14.106",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "4.19.*",
                                "status": "unaffected",
                                "version": "4.19.28",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "4.20.*",
                                "status": "unaffected",
                                "version": "4.20.15",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "*",
                                "status": "unaffected",
                                "version": "5.0",
                                "versionType": "original_commit_for_fix"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Linux"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: fix out-of-bounds memory accesses\n\nThere are two array out-of-bounds memory accesses, one in\ncipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk().  Both\nerrors are embarassingly simple, and the fixes are straightforward.\n\nAs a FYI for anyone backporting this patch to kernels prior to v4.8,\nyou\u0027ll want to apply the netlbl_bitmap_walk() patch to\ncipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn\u0027t exist before\nLinux v4.8."
          }
        ]
      },
      "generator": {
        "engine": "bippy-5f0117140d9a"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://git.kernel.org/stable/c/97bc3683c24999ee621d847c9348c75d2fe86272",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/97bc3683c24999ee621d847c9348c75d2fe86272"
          },
          {
            "name": "https://git.kernel.org/stable/c/c61d01faa5550e06794dcf86125ccd325bfad950",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/c61d01faa5550e06794dcf86125ccd325bfad950"
          },
          {
            "name": "https://git.kernel.org/stable/c/dc18101f95fa6e815f426316b8b9a5cee28a334e",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/dc18101f95fa6e815f426316b8b9a5cee28a334e"
          },
          {
            "name": "https://git.kernel.org/stable/c/1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000"
          },
          {
            "name": "https://git.kernel.org/stable/c/fcfe700acdc1c72eab231300e82b962bac2b2b2c",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/fcfe700acdc1c72eab231300e82b962bac2b2b2c"
          },
          {
            "name": "https://git.kernel.org/stable/c/e3713abc4248aa6bcc11173d754c418b02a62cbb",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/e3713abc4248aa6bcc11173d754c418b02a62cbb"
          },
          {
            "name": "https://git.kernel.org/stable/c/fbf9578919d6c91100ec63acf2cba641383f6c78",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/fbf9578919d6c91100ec63acf2cba641383f6c78"
          },
          {
            "name": "https://git.kernel.org/stable/c/5578de4834fe0f2a34fedc7374be691443396d1f",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/5578de4834fe0f2a34fedc7374be691443396d1f"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5BE81AB9-4B65-4869-90BE-017D91883C73",
                    "versionEndExcluding": "3.16.66",
                    "versionStartIncluding": "2.6.19",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "4398F66E-2736-42C0-860F-F7BC4AA499A9",
                    "versionEndExcluding": "3.18.137",
                    "versionStartIncluding": "3.17.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "2B11D0D4-8911-4176-B660-7A31A5A5563F",
                    "versionEndExcluding": "4.4.177",
                    "versionStartIncluding": "3.19.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "32689183-4840-45C3-B1C1-786F9AA3C37F",
                    "versionEndExcluding": "4.9.163",
                    "versionStartIncluding": "4.5.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B0A84CE1-F2C1-45E6-9856-4A5389302236",
                    "versionEndExcluding": "4.14.106",
                    "versionStartIncluding": "4.10.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "EAD30F57-73E5-4527-9D5A-A7927304AE6B",
                    "versionEndExcluding": "4.19.28",
                    "versionStartIncluding": "4.15.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "09B03EF0-9FEB-41ED-8907-3528587B0BF6",
                    "versionEndExcluding": "4.20.15",
                    "versionStartIncluding": "4.20.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: fix out-of-bounds memory accesses\n\nThere are two array out-of-bounds memory accesses, one in\ncipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk().  Both\nerrors are embarassingly simple, and the fixes are straightforward.\n\nAs a FYI for anyone backporting this patch to kernels prior to v4.8,\nyou\u0027ll want to apply the netlbl_bitmap_walk() patch to\ncipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn\u0027t exist before\nLinux v4.8."
          },
          {
            "lang": "es",
            "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netlabel: corrige accesos a memoria fuera de los l\u00edmites Hay dos accesos a memoria fuera de los l\u00edmites de matriz, uno en cipso_v4_map_lvl_valid() y el otro en netlbl_bitmap_walk(). Ambos errores son vergonzosamente simples y las soluciones son sencillas. Para su informaci\u00f3n, cualquiera que est\u00e9 implementando este parche en kernels anteriores a v4.8, querr\u00e1 aplicar el parche netlbl_bitmap_walk() a cipso_v4_bitmap_walk() ya que netlbl_bitmap_walk() no existe antes de Linux v4.8."
          }
        ],
        "id": "CVE-2019-25160",
        "lastModified": "2024-04-17T17:43:57.407",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 5.2,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2024-02-26T18:15:06.930",
        "references": [
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "tags": [
              "Patch"
            ],
            "url": "https://git.kernel.org/stable/c/1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "tags": [
              "Patch"
            ],
            "url": "https://git.kernel.org/stable/c/5578de4834fe0f2a34fedc7374be691443396d1f"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "tags": [
              "Patch"
            ],
            "url": "https://git.kernel.org/stable/c/97bc3683c24999ee621d847c9348c75d2fe86272"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "tags": [
              "Patch"
            ],
            "url": "https://git.kernel.org/stable/c/c61d01faa5550e06794dcf86125ccd325bfad950"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "tags": [
              "Patch"
            ],
            "url": "https://git.kernel.org/stable/c/dc18101f95fa6e815f426316b8b9a5cee28a334e"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "tags": [
              "Patch"
            ],
            "url": "https://git.kernel.org/stable/c/e3713abc4248aa6bcc11173d754c418b02a62cbb"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "tags": [
              "Patch"
            ],
            "url": "https://git.kernel.org/stable/c/fbf9578919d6c91100ec63acf2cba641383f6c78"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "tags": [
              "Patch"
            ],
            "url": "https://git.kernel.org/stable/c/fcfe700acdc1c72eab231300e82b962bac2b2b2c"
          }
        ],
        "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-125"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

wid-sec-w-2024-0478

Vulnerability from csaf_certbund

Published

2024-02-26 23:00

Modified

2024-06-11 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder unbekannte Auswirkungen zu verursachen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder unbekannte Auswirkungen zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0478 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0478.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0478 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0478"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0855-1 vom 2024-03-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018151.html"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-02-26",
        "url": "http://lore.kernel.org/linux-cve-announce/2024022601-CVE-2019-25161-f77d@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-02-26",
        "url": "http://lore.kernel.org/linux-cve-announce/2024022602-CVE-2019-25162-70ae@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-02-26",
        "url": "http://lore.kernel.org/linux-cve-announce/2024022602-CVE-2020-36775-1cbe@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-02-26",
        "url": "http://lore.kernel.org/linux-cve-announce/2024022603-CVE-2021-46906-636c@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-02-26",
        "url": "http://lore.kernel.org/linux-cve-announce/2024022620-CVE-2024-26606-64b6@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-02-26",
        "url": "http://lore.kernel.org/linux-cve-announce/2024022657-CVE-2019-25160-e487@gregkh/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0858-1 vom 2024-03-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018153.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0900-1 vom 2024-03-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018167.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0856-1 vom 2024-03-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018155.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0857-1 vom 2024-03-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018154.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0900-2 vom 2024-03-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018182.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0910-1 vom 2024-03-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018181.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0926-1 vom 2024-03-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018204.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0975-1 vom 2024-03-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018186.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0925-1 vom 2024-03-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018205.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0976-1 vom 2024-03-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018185.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0977-1 vom 2024-03-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018210.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6739-1 vom 2024-04-19",
        "url": "https://ubuntu.com/security/notices/USN-6739-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5681 vom 2024-05-06",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00090.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6766-1 vom 2024-05-07",
        "url": "https://ubuntu.com/security/notices/USN-6766-1"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
        "url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6767-1 vom 2024-05-07",
        "url": "https://ubuntu.com/security/notices/USN-6767-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6767-2 vom 2024-05-14",
        "url": "https://ubuntu.com/security/notices/USN-6767-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6766-2 vom 2024-05-15",
        "url": "https://ubuntu.com/security/notices/USN-6766-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6795-1 vom 2024-05-28",
        "url": "https://ubuntu.com/security/notices/USN-6795-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:3618"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:3627"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06",
        "url": "https://linux.oracle.com/errata/ELSA-2024-3618.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6828-1 vom 2024-06-11",
        "url": "https://ubuntu.com/security/notices/USN-6828-1"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-06-11T22:00:00.000+00:00",
      "generator": {
        "date": "2024-06-12T08:09:49.022+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-0478",
      "initial_release_date": "2024-02-26T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-26T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-03-12T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-03-14T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-03-17T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-03-24T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-04-21T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-06T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-05-07T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Ubuntu und Dell aufgenommen"
        },
        {
          "date": "2024-05-13T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-14T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-15T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-28T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-04T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-06T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "17"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "virtual",
                "product": {
                  "name": "Dell NetWorker virtual",
                  "product_id": "T034583",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:networker:virtual"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "EMC Avamar",
            "product": {
              "name": "EMC Avamar",
              "product_id": "T014381",
              "product_identification_helper": {
                "cpe": "cpe:/a:emc:avamar:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "EMC"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T032006",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-25160",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Ursachen, wie Use-after-Free-Fehler, Fehler mit dem Speichermanagement oder Out-of-Bounds-Fehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder unbekannte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032006",
          "T014381",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T034583",
          "T004914"
        ]
      },
      "release_date": "2024-02-26T23:00:00Z",
      "title": "CVE-2019-25160"
    },
    {
      "cve": "CVE-2019-25161",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Ursachen, wie Use-after-Free-Fehler, Fehler mit dem Speichermanagement oder Out-of-Bounds-Fehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder unbekannte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032006",
          "T014381",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T034583",
          "T004914"
        ]
      },
      "release_date": "2024-02-26T23:00:00Z",
      "title": "CVE-2019-25161"
    },
    {
      "cve": "CVE-2019-25162",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Ursachen, wie Use-after-Free-Fehler, Fehler mit dem Speichermanagement oder Out-of-Bounds-Fehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder unbekannte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032006",
          "T014381",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T034583",
          "T004914"
        ]
      },
      "release_date": "2024-02-26T23:00:00Z",
      "title": "CVE-2019-25162"
    },
    {
      "cve": "CVE-2020-36775",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Ursachen, wie Use-after-Free-Fehler, Fehler mit dem Speichermanagement oder Out-of-Bounds-Fehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder unbekannte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032006",
          "T014381",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T034583",
          "T004914"
        ]
      },
      "release_date": "2024-02-26T23:00:00Z",
      "title": "CVE-2020-36775"
    },
    {
      "cve": "CVE-2021-46906",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Ursachen, wie Use-after-Free-Fehler, Fehler mit dem Speichermanagement oder Out-of-Bounds-Fehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder unbekannte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032006",
          "T014381",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T034583",
          "T004914"
        ]
      },
      "release_date": "2024-02-26T23:00:00Z",
      "title": "CVE-2021-46906"
    },
    {
      "cve": "CVE-2024-26606",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Ursachen, wie Use-after-Free-Fehler, Fehler mit dem Speichermanagement oder Out-of-Bounds-Fehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder unbekannte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032006",
          "T014381",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T034583",
          "T004914"
        ]
      },
      "release_date": "2024-02-26T23:00:00Z",
      "title": "CVE-2024-26606"
    }
  ]
}

cve-2019-25160

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature

Action not permitted

cve-2019-25160

Vulnerability from cvelistv5

ghsa-gj7p-vqfr-xgjw

Vulnerability from github

gsd-2019-25160

Vulnerability from gsd

wid-sec-w-2024-0478

Vulnerability from csaf_certbund

Tags

Sightings

Nomenclature