CVE-2019-9003
- EPSS 4.88%
- Veröffentlicht 22.02.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:47
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.
CVE-2019-8980
- EPSS 5.85%
- Veröffentlicht 21.02.2019 05:29:01
- Zuletzt bearbeitet 21.11.2024 04:50:44
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
CVE-2019-3812
- EPSS 0.43%
- Veröffentlicht 19.02.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:35
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memo...
CVE-2019-8912
- EPSS 0.65%
- Veröffentlicht 18.02.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:39
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
CVE-2019-8906
- EPSS 0.49%
- Veröffentlicht 18.02.2019 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:50:38
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
CVE-2019-8907
- EPSS 3.47%
- Veröffentlicht 18.02.2019 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:50:38
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
CVE-2019-8904
- EPSS 2.49%
- Veröffentlicht 18.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:37
do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.
CVE-2019-8905
- EPSS 0.48%
- Veröffentlicht 18.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:38
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
- EPSS 1.64%
- Veröffentlicht 15.02.2019 23:29:00
- Zuletzt bearbeitet 21.11.2024 04:49:44
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.
CVE-2019-6974
- EPSS 16.52%
- Veröffentlicht 15.02.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:47:20
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.