diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2019-06-17 15:20:05 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2019-06-17 15:20:05 +0100 |
commit | 87895a4d41d2d6cbe38ed9d2131d0caa75471191 (patch) | |
tree | 6ba1e9cab484f67923a31998574420ca3b11ad40 /dsa-texts/4.9.168-1+deb9u3 | |
parent | 630322782a37a5ddc7fc53f68f35e2bfb0ab85f8 (diff) |
dsa-texts/4.9.168-1+deb9u3: Fill in descriptions of the remaining issues
Diffstat (limited to 'dsa-texts/4.9.168-1+deb9u3')
-rw-r--r-- | dsa-texts/4.9.168-1+deb9u3 | 35 |
1 files changed, 32 insertions, 3 deletions
diff --git a/dsa-texts/4.9.168-1+deb9u3 b/dsa-texts/4.9.168-1+deb9u3 index a3c6a8c5..08d20e6b 100644 --- a/dsa-texts/4.9.168-1+deb9u3 +++ b/dsa-texts/4.9.168-1+deb9u3 @@ -9,18 +9,26 @@ Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. -CVE-2019-3846 +CVE-2019-3846, CVE-2019-10126 + + huangwen reported multiple buffer overflows in the Marvell wifi + (mwifiex) driver, which a local user could use to cause denial of + service or the execution of arbitrary code. CVE-2019-5489 + Daniel Gruss, Erik Kraft, Trishita Tiwari, Michael Schwarz, Ari + Trachtenberg, Jason Hennessey, Alex Ionescu, and Anders Fogh + discovered that local users could use the mincore() system call to + obtain sensitive information from other processes that access the + same memory-mapped file. + CVE-2019-9500 CVE-2019-9503 Hugues Anguelkov discovered a buffer overflow and missing access validation in the Broadcom Wifi driver, which could result in denial of service or the execution of arbitrary code. -CVE-2019-10126 - CVE-2019-11477 Jonathan Looney reported that a specially crafted sequence of TCP @@ -48,8 +56,19 @@ CVE-2019-11479 CVE-2019-11486 + Jann Horn of Google reported numerous race conditions in the + Siemens R3964 line discipline. A local user could use these to + cause unspecified security impact. This module has therefore been + disabled. + CVE-2019-11599 + Jann Horn of Google reported a race condition in the core dump + implementation which could lead to a use-after-free. A local + user could use this to read sensitive information, to cause a + denial of service (memory corruption), or for privilege + escalation. + CVE-2019-11815 It was discovered that a use-after-free in the Reliable Datagram @@ -58,7 +77,17 @@ CVE-2019-11815 CVE-2019-11833 + It was discovered that the ext4 filesystem implementation writes + uninitialised data from kernel memory to new extent blocks. A + local user able to write to an ext4 filesystem and then read the + filesystem image, for example using a removable drive, might be + able to use this to obtain sensitive information. + CVE-2019-11884 + It was discovered that the Bluetooth HIDP implementation did not + ensure that new connection names were null-terminated. A local + user with CAP_NET_ADMIN capability might be able to use this to + obtain sensitive information from the kernel stack. stretch: 4.9.168-1+deb9u3 |