what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

CVE-2019-11815

Status Candidate

Overview

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

Related Files

Kernel Live Patch Security Notice LSN-0053-1
Posted Jul 29, 2019
Authored by Benjamin M. Romer

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. It was discovered that the Linux kernel on ARM processors allowed a tracing process to modify a syscall after a seccomp decision had been made on that syscall. A local attacker could possibly use this to bypass seccomp restrictions. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2011-1079, CVE-2011-11833, CVE-2011-11884, CVE-2019-11815, CVE-2019-2054
MD5 | 5d39e34bd8b180177429a30ccd754900
Ubuntu Security Notice USN-4068-2
Posted Jul 23, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4068-2 - USN-4068-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 for Ubuntu 16.04 LTS. Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kernel did not properly restrict mmap ranges in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11085, CVE-2019-11815, CVE-2019-11833, CVE-2019-11884
MD5 | f5fe64d4eb14a1ae9bfe582e0a11c93b
Ubuntu Security Notice USN-4068-1
Posted Jul 23, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4068-1 - Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kernel did not properly restrict mmap ranges in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free existed in the Reliable Datagram Sockets protocol implementation in the Linux kernel. The RDS protocol is blacklisted by default in Ubuntu. If enabled, a local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2019-11085, CVE-2019-11815, CVE-2019-11833, CVE-2019-11884
MD5 | bc5a5d2564a39eba34cfa7a32e3ae1c5
Debian Security Advisory 4465-1
Posted Jun 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4465-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2019-10126, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-11486, CVE-2019-11599, CVE-2019-11815, CVE-2019-11833, CVE-2019-11884, CVE-2019-3846, CVE-2019-5489, CVE-2019-9500, CVE-2019-9503
MD5 | a2e7d7ad8cd5265b8a90186bcd82ff4d
Ubuntu Security Notice USN-4008-3
Posted Jun 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4008-3 - USN-4008-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Robert Swiecki discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11190, CVE-2019-11191, CVE-2019-11810, CVE-2019-11815
MD5 | db49ff8f595ab9c220359728c2fce6de
Ubuntu Security Notice USN-4008-2
Posted Jun 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4008-2 - USN-4008-1 fixed multiple security issues in the Linux kernel. This update provides the corresponding changes to AppArmor policy for correctly operating under the Linux kernel with fixes for CVE-2019-11190. Without these changes, some profile transitions may be unintentionally denied due to missing mmap rules. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2019-11190, CVE-2019-11191, CVE-2019-11810, CVE-2019-11815
MD5 | c8882ea2860369fb404f12edb2a0d011
Ubuntu Security Notice USN-4008-1
Posted Jun 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4008-1 - Robert Swiecki discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. It was discovered that a null pointer dereference vulnerability existed in the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-11190, CVE-2019-11191, CVE-2019-11810, CVE-2019-11815
MD5 | d990ef004d827d7c662f4a3b15d04b52
Ubuntu Security Notice USN-4005-1
Posted Jun 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4005-1 - It was discovered that a null pointer dereference vulnerability existed in the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that a race condition leading to a use-after-free existed in the Reliable Datagram Sockets protocol implementation in the Linux kernel. The RDS protocol is blacklisted by default in Ubuntu. If enabled, a local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2019-11810, CVE-2019-11815
MD5 | b9c7b40667d79e997cb9607e3f823676
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    9 Files
  • 23
    Aug 23rd
    3 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close