The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability bulletin CVE-2019-12454

Linux kernel: out-of-bounds memory reading via wcd9335_codec_enable_dec

Synthesis of the vulnerability

An attacker can force a read at an invalid address via wcd9335_codec_enable_dec() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Vulnerable products: Fedora, Linux.
Severity of this weakness: 1/4.
Consequences of an attack: data reading, denial of service on server, denial of service on service.
Hacker's origin: user shell.
Creation date: 03/06/2019.
Références of this bulletin: CVE-2019-12454, FEDORA-2019-f40bd7826f, VIGILANCE-VUL-29448.

Description of the vulnerability

An attacker can force a read at an invalid address via wcd9335_codec_enable_dec() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides application vulnerability analysis. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce vulnerability database contains several thousand vulnerabilities.