exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2018-19985

Status Candidate

Overview

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.

Related Files

Red Hat Security Advisory 2020-1070-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1070-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, denial of service, information leakage, integer overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2015-9289, CVE-2017-17807, CVE-2018-19985, CVE-2018-20169, CVE-2018-7191, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11190, CVE-2019-11884, CVE-2019-12382, CVE-2019-13233, CVE-2019-14283, CVE-2019-15916, CVE-2019-16746, CVE-2019-3901, CVE-2019-9503
SHA-256 | 6b93e72a941e31a33bc0ed2eb41a6d09d612a0c8a7df6721b2b19e60e9d46f8c
Download | Favorite | View
Red Hat Security Advisory 2020-1016-01
Posted Mar 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1016-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2015-9289, CVE-2017-17807, CVE-2018-19985, CVE-2018-20169, CVE-2018-7191, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11190, CVE-2019-11884, CVE-2019-12382, CVE-2019-13233, CVE-2019-13648, CVE-2019-14283, CVE-2019-15916, CVE-2019-16746, CVE-2019-18660, CVE-2019-3901, CVE-2019-9503
SHA-256 | 5270d5021355b80a03bef2fa11d11ec5b8ab02fe18ec0a66da959c57bee345f6
Download | Favorite | View
Red Hat Security Advisory 2019-3517-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3517-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, heap overflow, information leakage, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2015-1593, CVE-2018-16884, CVE-2018-19854, CVE-2018-19985, CVE-2018-20169, CVE-2019-10126, CVE-2019-10207, CVE-2019-10638, CVE-2019-11599, CVE-2019-11833, CVE-2019-11884, CVE-2019-13233, CVE-2019-14821, CVE-2019-15916, CVE-2019-3459, CVE-2019-3460, CVE-2019-3874, CVE-2019-3882, CVE-2019-3900, CVE-2019-5489, CVE-2019-7222, CVE-2019-9506
SHA-256 | 03447a52c4980f374df664e7374cea8800a1174c9ab4df5eb1f470f7db1d6d0b
Download | Favorite | View
Red Hat Security Advisory 2019-3309-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3309-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, heap overflow, information leakage, null pointer, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-16884, CVE-2018-19854, CVE-2018-19985, CVE-2018-20169, CVE-2019-10126, CVE-2019-10207, CVE-2019-10638, CVE-2019-11599, CVE-2019-11833, CVE-2019-11884, CVE-2019-13233, CVE-2019-14821, CVE-2019-15916, CVE-2019-3459, CVE-2019-3460, CVE-2019-3874, CVE-2019-3882, CVE-2019-3900, CVE-2019-5489, CVE-2019-7222, CVE-2019-9506
SHA-256 | 59cc375374ff6c15113d1988a4247e3d24bd10d07e2610dd9344468468bbc9e6
Download | Favorite | View
Ubuntu Security Notice USN-4115-2
Posted Sep 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4115-2 - USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-19985, CVE-2018-20784, CVE-2019-0136, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11487, CVE-2019-11599, CVE-2019-11810, CVE-2019-13631, CVE-2019-13648, CVE-2019-14283, CVE-2019-14284, CVE-2019-14763, CVE-2019-15090, CVE-2019-15211, CVE-2019-15212, CVE-2019-15214, CVE-2019-15215, CVE-2019-15216, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15292, CVE-2019-3701, CVE-2019-3819, CVE-2019-3900
SHA-256 | 05acda341e120b77b16aad0ba3eb54346f60a3e3997eca4a108689927624648c
Download | Favorite | View
Ubuntu Security Notice USN-4118-1
Posted Sep 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4118-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-13053, CVE-2018-13093, CVE-2018-13098, CVE-2018-13099, CVE-2018-13100, CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14614, CVE-2018-14616, CVE-2018-14617, CVE-2018-16862, CVE-2018-19985, CVE-2018-20169, CVE-2018-20511, CVE-2018-20784, CVE-2018-20856, CVE-2018-5383, CVE-2019-0136, CVE-2019-10126, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11085, CVE-2019-11487, CVE-2019-11599
SHA-256 | 4f908bb81d9ebb9dd129fad885aa16a8ad89f97c5c09adc998aefff895ea8268
Download | Favorite | View
Ubuntu Security Notice USN-4115-1
Posted Sep 2, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4115-1 - Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this to cause a denial of service. Zhipeng Xie discovered that an infinite loop could triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-19985, CVE-2018-20784, CVE-2019-0136, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11487, CVE-2019-11599, CVE-2019-11810, CVE-2019-13631, CVE-2019-13648, CVE-2019-14283, CVE-2019-14284, CVE-2019-14763, CVE-2019-15090, CVE-2019-15211, CVE-2019-15212, CVE-2019-15214, CVE-2019-15215, CVE-2019-15216, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15292, CVE-2019-3701, CVE-2019-3819, CVE-2019-3900
SHA-256 | 08121c3db54d152e12d06507d23ec168fbb76db1ad82346d206b3edabc68482d
Download | Favorite | View
Ubuntu Security Notice USN-3910-1
Posted Mar 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3910-1 - It was discovered that the f2fs filesystem implementation in the Linux kernel did not handle the noflush_merge mount option correctly. An attacker could use this to cause a denial of service. It was discovered that the procfs filesystem did not properly handle processes mapping some memory elements onto files. A local attacker could use this to block utilities that examine the procfs filesystem to report operating system state, such as ps. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-18241, CVE-2018-1120, CVE-2018-19985, CVE-2018-7740, CVE-2019-6133
SHA-256 | 157257d2d3ba9f076315aac9237850d45c69fad3745870c2d67f133d0c0a2253
Download | Favorite | View
Ubuntu Security Notice USN-3910-2
Posted Mar 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3910-2 - USN-3910-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the f2fs filesystem implementation in the Linux kernel did not handle the noflush_merge mount option correctly. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-18241, CVE-2018-1120, CVE-2018-19985, CVE-2018-7740, CVE-2019-6133
SHA-256 | e97a82abb1cfd336c59f8d5882e95ee4ac60646c17cd5c1f91a2a91e88f079f0
Download | Favorite | View
Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted Jan 31, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2017-18241, CVE-2017-18249, CVE-2018-10880, CVE-2018-1120, CVE-2018-12896, CVE-2018-13053, CVE-2018-13096, CVE-2018-13097, CVE-2018-13099, CVE-2018-13100, CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14613, CVE-2018-14614, CVE-2018-14616, CVE-2018-14633, CVE-2018-16862, CVE-2018-16884, CVE-2018-17972, CVE-2018-18021, CVE-2018-18281, CVE-2018-18690, CVE-2018-18710, CVE-2018-19824, CVE-2018-19985
SHA-256 | b00c9750a9d1a5293cf1b00be4962a74b7a8b39c5ae241b16f2e5d2e209b667b
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close