The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of the Linux kernel

computer vulnerability note CVE-2019-11683

Linux kernel: denial of service via UDP

Synthesis of the vulnerability

An attacker can send UDP packets without payload to the Linux kernel, in order to trigger a denial of service.
Impacted products: Fedora, Linux, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: intranet client.
Creation date: 03/05/2019.
Identifiers: CVE-2019-11683, FEDORA-2019-5b76e711b3, USN-3979-1, VIGILANCE-VUL-29219.


computer vulnerability note CVE-2019-11599

Linux kernel: denial of service following insufficient locking

Synthesis of the vulnerability

An attacker can trigger a fatal error in the Linux kernel, in order to trigger a denial of service.
Impacted products: Linux.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 30/04/2019.
Identifiers: 1790, CVE-2019-11599, VIGILANCE-VUL-29159.


vulnerability CVE-2019-11487

Linux kernel: use after free

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Linux.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server, denial of service on client.
Provenance: user shell.
Creation date: 29/04/2019.
Identifiers: 1752, CVE-2019-11487, VIGILANCE-VUL-29150.


vulnerability note CVE-2019-3900

Linux kernel: denial of service via vhost_net

Synthesis of the vulnerability

An attacker can send malicious vhost_net packets to the Linux kernel, in order to trigger a denial of service.
Impacted products: Fedora, Linux.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 26/04/2019.
Identifiers: CVE-2019-3900, FEDORA-2019-640f8d8dd1, FEDORA-2019-8219efa9f6, FEDORA-2019-87d807d7cb, VIGILANCE-VUL-29144.


computer vulnerability bulletin CVE-2019-9500 CVE-2019-9503

Linux kernel: buffer overflow via brcmf_wowl_nd_results

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via brcmf_wowl_nd_results() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Fedora, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on server, denial of service on service, denial of service on client.
Provenance: radio connection.
Number of vulnerabilities in this bulletin: 2.
Creation date: 25/04/2019.
Identifiers: CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-233, CVE-2019-9500, CVE-2019-9503, FEDORA-2019-1b986880ea, FEDORA-2019-1e8a4c6958, FEDORA-2019-8219efa9f6, FEDORA-2019-87d807d7cb, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1407-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, VIGILANCE-VUL-29128, VU#166939.


vulnerability CVE-2019-11190 CVE-2019-11191

Linux kernel: information disclosure via ASLR Bypass

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via an ASLR bypass in the Linux kernel, in order to obtain sensitive information.
Impacted products: Linux.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 2.
Creation date: 04/04/2019.
Identifiers: CVE-2019-11190, CVE-2019-11191, VIGILANCE-VUL-28940.


vulnerability note CVE-2019-3882

Linux kernel: denial of service via vfio/type1 DMA Mappings

Synthesis of the vulnerability

An attacker can trigger a fatal error via vfio/type1 DMA Mappings of the Linux kernel, in order to trigger a denial of service.
Impacted products: Fedora, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 03/04/2019.
Identifiers: CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-233, CVE-2019-3882, FEDORA-2019-65c6d11eba, FEDORA-2019-be9add5b77, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1407-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, USN-3982-1, USN-3982-2, VIGILANCE-VUL-28934.


vulnerability note CVE-2019-9857

Linux kernel: memory leak via inotify_update_existing_watch

Synthesis of the vulnerability

An attacker can create a memory leak via inotify_update_existing_watch() of the Linux kernel, in order to trigger a denial of service.
Impacted products: Fedora, Linux.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 19/03/2019.
Identifiers: CVE-2019-9857, FEDORA-2019-65c6d11eba, FEDORA-2019-be9add5b77, VIGILANCE-VUL-28774.


computer vulnerability note CVE-2016-10741

Linux kernel: assertion error via xfs_aops.c

Synthesis of the vulnerability

An attacker can force an assertion error via xfs_aops.c of the Linux kernel, in order to trigger a denial of service.
Impacted products: Debian, Linux, SUSE Linux Enterprise Desktop, SLES.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 18/03/2019.
Identifiers: CERTFR-2019-AVI-114, CERTFR-2019-AVI-233, CVE-2016-10741, DLA-1731-1, DLA-1731-2, SUSE-SU-2019:1289-1, SUSE-SU-2019:13979-1, VIGILANCE-VUL-28759.


vulnerability bulletin 28733

Linux kernel: denial of service via ELF Loader

Synthesis of the vulnerability

An attacker can trigger a fatal error via ELF Loader of the Linux kernel, in order to trigger a denial of service.
Impacted products: Linux.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 13/03/2019.
Identifiers: VIGILANCE-VUL-28733.
