what you don't know can hurt you
Showing 1 - 3 of 3 RSS Feed

CVE-2019-19319

Status Candidate

Overview

In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.

Related Files

Red Hat Security Advisory 2020-4609-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4609-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, denial of service, information leakage, memory leak, null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2019-15917, CVE-2019-15925, CVE-2019-16231, CVE-2019-16233, CVE-2019-18808, CVE-2019-18809, CVE-2019-19046, CVE-2019-19056, CVE-2019-19062, CVE-2019-19063, CVE-2019-19068, CVE-2019-19072, CVE-2019-19319, CVE-2019-19332, CVE-2019-19447, CVE-2019-19524, CVE-2019-19533, CVE-2019-19537, CVE-2019-19543, CVE-2019-19767, CVE-2019-19770, CVE-2019-20054, CVE-2019-20636, CVE-2019-9455, CVE-2019-9458, CVE-2020-0305, CVE-2020-1073
MD5 | 429795cee7e49d12da71416a2fee9329
Red Hat Security Advisory 2020-4431-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4431-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, information leakage, memory leak, null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2019-12614, CVE-2019-15917, CVE-2019-15925, CVE-2019-16231, CVE-2019-16233, CVE-2019-18808, CVE-2019-18809, CVE-2019-19046, CVE-2019-19056, CVE-2019-19062, CVE-2019-19063, CVE-2019-19068, CVE-2019-19072, CVE-2019-19319, CVE-2019-19332, CVE-2019-19447, CVE-2019-19524, CVE-2019-19533, CVE-2019-19537, CVE-2019-19543, CVE-2019-19767, CVE-2019-19770, CVE-2019-20054, CVE-2019-20636, CVE-2019-9455, CVE-2019-9458
MD5 | 40a4f9454bafb09a9b91ae53a7e2f617
Ubuntu Security Notice USN-4391-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4391-1 - It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19319, CVE-2020-0543, CVE-2020-10751, CVE-2020-12114, CVE-2020-12464, CVE-2020-12769, CVE-2020-12826, CVE-2020-1749
MD5 | b9a5c4d0b8f881b21288f5e8a866b693
Page 1 of 1
Back1Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    17 Files
  • 12
    May 12th
    22 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close