what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2019-5108

Status Candidate

Overview

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.

Related Files

Red Hat Security Advisory 2020-1493-01
Posted Apr 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1493-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, heap overflow, and null pointer vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-14895, CVE-2019-14901, CVE-2019-15031, CVE-2019-15099, CVE-2019-15666, CVE-2019-19922, CVE-2019-20054, CVE-2019-20095, CVE-2019-5108
MD5 | d23a11d29af809a4480f6714ad12414d
Kernel Live Patch Security Notice LSN-0063-1
Posted Feb 20, 2020
Authored by Benjamin M. Romer

Mitchell Frank discovered that the Wi-Fi implementation in the Linux kernel when used as an access point would send IAPP location updates for stations before client authentication had completed. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2019-14615, CVE-2019-19050, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | 905a4d92f08ee676e7aa0579c14131b9
Ubuntu Security Notice USN-4286-2
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4286-2 - USN-4286-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15217, CVE-2019-15220, CVE-2019-15221, CVE-2019-17351, CVE-2019-19051, CVE-2019-19056, CVE-2019-19066, CVE-2019-19068, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108
MD5 | aff5d99660a6cf45c6cd9363ec293dc7
Ubuntu Security Notice USN-4287-2
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4287-2 - USN-4287-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18809, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19071, CVE-2019-19078, CVE-2019-19082, CVE-2019-19227, CVE-2019-19332, CVE-2019-19767, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | e0a917b1318a227cbe7dcda44cca0d1a
Ubuntu Security Notice USN-4287-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4287-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18809, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19071, CVE-2019-19078, CVE-2019-19082, CVE-2019-19227, CVE-2019-19332, CVE-2019-19767, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | 8ac6c9839149435e4e444efe50c60dbc
Ubuntu Security Notice USN-4286-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4286-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15217, CVE-2019-15220, CVE-2019-15221, CVE-2019-17351, CVE-2019-19051, CVE-2019-19056, CVE-2019-19066, CVE-2019-19068, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108
MD5 | 8455aecab2d4723eb33c4d08058ff1de
Ubuntu Security Notice USN-4285-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4285-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that the HSA Linux kernel driver for AMD GPU devices did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-16229, CVE-2019-16232, CVE-2019-18786, CVE-2019-18809, CVE-2019-19057, CVE-2019-19063, CVE-2019-19947, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | daf9f1592f5ba45b8c8932f8eca98761
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close