| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of Kernel Linux
Linux kernel: denial of service via UDP
Synthesis of the vulnerability
An attacker can send UDP packets without payload to the Linux kernel, in order to trigger a denial of service.
Impacted products: Fedora, Linux, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: intranet client.
Creation date: 03/05/2019.
Identifiers: CVE-2019-11683, FEDORA-2019-5b76e711b3, USN-3979-1, VIGILANCE-VUL-29219.
Description of the vulnerability
An attacker can send UDP packets without payload to the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: denial of service following insufficient locking
Synthesis of the vulnerability
An attacker can trigger a fatal error in the Linux kernel, in order to trigger a denial of service.
Impacted products: Linux.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 30/04/2019.
Identifiers: 1790, CVE-2019-11599, VIGILANCE-VUL-29159.
Description of the vulnerability
An attacker can trigger a fatal error in the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: use after free
Synthesis of the vulnerability
An attacker can force the usage of a freed memory area of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Linux.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server, denial of service on client.
Provenance: user shell.
Creation date: 29/04/2019.
Identifiers: 1752, CVE-2019-11487, VIGILANCE-VUL-29150.
Description of the vulnerability
An attacker can force the usage of a freed memory area of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: denial of service via vhost_net
Synthesis of the vulnerability
An attacker can send malicious vhost_net packets to Linux kernel, in order to trigger a denial of service.
Impacted products: Fedora, Linux.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 26/04/2019.
Identifiers: CVE-2019-3900, FEDORA-2019-640f8d8dd1, FEDORA-2019-8219efa9f6, FEDORA-2019-87d807d7cb, VIGILANCE-VUL-29144.
Description of the vulnerability
An attacker can send malicious vhost_net packets to Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: buffer overflow via brcmf_wowl_nd_results
Synthesis of the vulnerability
An attacker can trigger a buffer overflow via brcmf_wowl_nd_results() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Fedora, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on server, denial of service on service, denial of service on client.
Provenance: radio connection.
Number of vulnerabilities in this bulletin: 2.
Creation date: 25/04/2019.
Identifiers: CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-233, CVE-2019-9500, CVE-2019-9503, FEDORA-2019-1b986880ea, FEDORA-2019-1e8a4c6958, FEDORA-2019-8219efa9f6, FEDORA-2019-87d807d7cb, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1407-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, VIGILANCE-VUL-29128, VU#166939.
Description of the vulnerability
An attacker can trigger a buffer overflow via brcmf_wowl_nd_results() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: information disclosure via ASLR Bypass
Synthesis of the vulnerability
An attacker can bypass access restrictions to data via ASLR Bypass of the Linux kernel, in order to obtain sensitive information.
Impacted products: Linux.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 2.
Creation date: 04/04/2019.
Identifiers: CVE-2019-11190, CVE-2019-11191, VIGILANCE-VUL-28940.
Description of the vulnerability
An attacker can bypass access restrictions to data via ASLR Bypass of the Linux kernel, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: denial of service via vfio/type1 DMA Mappings
Synthesis of the vulnerability
An attacker can trigger a fatal error via vfio/type1 DMA Mappings of the Linux kernel, in order to trigger a denial of service.
Impacted products: Fedora, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 03/04/2019.
Identifiers: CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-233, CVE-2019-3882, FEDORA-2019-65c6d11eba, FEDORA-2019-be9add5b77, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1407-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, USN-3982-1, USN-3982-2, VIGILANCE-VUL-28934.
Description of the vulnerability
An attacker can trigger a fatal error via vfio/type1 DMA Mappings of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: memory leak via inotify_update_existing_watch
Synthesis of the vulnerability
An attacker can create a memory leak via inotify_update_existing_watch() of the Linux kernel, in order to trigger a denial of service.
Impacted products: Fedora, Linux.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 19/03/2019.
Identifiers: CVE-2019-9857, FEDORA-2019-65c6d11eba, FEDORA-2019-be9add5b77, VIGILANCE-VUL-28774.
Description of the vulnerability
An attacker can create a memory leak via inotify_update_existing_watch() of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: assertion error via xfs_aops.c
Synthesis of the vulnerability
An attacker can force an assertion error via xfs_aops.c of the Linux kernel, in order to trigger a denial of service.
Impacted products: Debian, Linux, SUSE Linux Enterprise Desktop, SLES.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 18/03/2019.
Identifiers: CERTFR-2019-AVI-114, CERTFR-2019-AVI-233, CVE-2016-10741, DLA-1731-1, DLA-1731-2, SUSE-SU-2019:1289-1, SUSE-SU-2019:13979-1, VIGILANCE-VUL-28759.
Description of the vulnerability
An attacker can force an assertion error via xfs_aops.c of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: denial of service via ELF Loader
Synthesis of the vulnerability
An attacker can trigger a fatal error via ELF Loader of the Linux kernel, in order to trigger a denial of service.
Impacted products: Linux.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 13/03/2019.
Identifiers: VIGILANCE-VUL-28733.
Description of the vulnerability
An attacker can trigger a fatal error via ELF Loader of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about Kernel Linux:
|