Multiple vulnerabilities in Linux kernel



Published: 2019-11-18 | Updated: 2020-01-21
Risk: Medium
Patch available: YES
Number of vulnerabilities: 8
CVE-ID: CVE-2019-19065, CVE-2019-19061, CVE-2019-19069, CVE-2019-19060, CVE-2019-19922, CVE-2019-19048, CVE-2019-19532, CVE-2019-19526
CWE-ID: CWE-401, CWE-787, CWE-416
Exploitation vector: Local
Public exploit: N/A
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

Updated 21.01.2020
Added vulnerabilities #2-8

1) Memory leak

EUVDB-ID: #VU24339

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19065

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9. A local user can cause a denial of service (memory consumption) by triggering rhashtable_init() failures.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.3.1 - 5.3.8

External links

http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
http://github.com/torvalds/linux/commit/34b3be18a04ecdc610aae4c48e5d1b799d8689f6


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory leak

EUVDB-ID: #VU24432

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19061

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the "adis_update_scan_mode_burst()" function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9. A local user can cause a denial of service (memory consumption).

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.3 - 5.3.8

External links

http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
http://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873
http://security.netapp.com/advisory/ntap-20191205-0001/
http://usn.ubuntu.com/4208-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Memory leak

EUVDB-ID: #VU24431

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19069

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the "fastrpc_dma_buf_attach()" function in the "drivers/misc/fastrpc.c" file in the Linux kernel before 5.3.9. A local user can cause a denial of service (memory consumption) by triggering "dma_get_sgtable()" failures.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.3 - 5.3.8

External links

http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
http://github.com/torvalds/linux/commit/fc739a058d99c9297ef6bfd923b809d85855b9a9
http://security.netapp.com/advisory/ntap-20191205-0001/
http://usn.ubuntu.com/4208-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Memory leak

EUVDB-ID: #VU24430

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19060

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the "adis_update_scan_mode()" function in the "drivers/iio/imu/adis_buffer.c" file. A local user can perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.3 - 5.3.8

External links

http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
http://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0
http://security.netapp.com/advisory/ntap-20191205-0001/
http://usn.ubuntu.com/4208-1/
http://usn.ubuntu.com/4210-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory leak

EUVDB-ID: #VU24438

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19922

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a DoS attack on the target system.

The vulnerability exists due to a memory leak in "kernel/sched/fair.c" when "cpu.cfs_quota_us" is used (e.g., with Kubernetes). A local user can cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Linux kernel: 5.3 - 5.3.8

External links

http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425
http://github.com/kubernetes/kubernetes/issues/67577
http://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425
http://lists.debian.org/debian-lts-announce/2020/01/msg00013.html
http://relistan.com/the-kernel-may-be-slowing-down-your-app
http://usn.ubuntu.com/4226-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Memory leak

EUVDB-ID: #VU24441

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19048

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the "crypto_reportstat()" function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9. A local user can cause a denial of service (memory consumption) by triggering "copy_from_user()" failures.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.3 - 5.3.8

External links

http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
http://github.com/torvalds/linux/commit/e0b0cb9388642c104838fac100a4af32745621e2
http://security.netapp.com/advisory/ntap-20191205-0001/
http://usn.ubuntu.com/4208-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds write

EUVDB-ID: #VU24440

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19532

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to compromise a vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c. A local user with physical access can use a malicious USB device to trigger an out-of-bounds write in the Linux kernel HID drivers and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Linux kernel: 5.3 - 5.3.8

External links

http://www.openwall.com/lists/oss-security/2019/12/03/4
http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d9d4b1e46d9543a82c23f6df03f4ad697dab361b
http://usn.ubuntu.com/4226-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU24439

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19526

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the drivers/nfc/pn533/usb.c driver. A local user with physical access can use a malicious USB device to trigger the use-after-free error and execute arbitrary code on the system with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.3 - 5.3.8

External links

http://www.openwall.com/lists/oss-security/2019/12/03/4
http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6af3aa57a0984e061f61308fe181a9a12359fecc
http://usn.ubuntu.com/4226-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
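
A way to compare a host against the version range this bulletin lists (added example, not part of the original advisory). The `in_bulletin_range` helper and the sample release string in its comment are constructed for illustration; distribution kernels often carry backported fixes without changing the upstream version number, so the result is a baseline to confirm against the vendor advisories linked above.

```sh
#!/bin/sh
# Added example (not from the advisory): classify a kernel release string
# against the upstream range listed above, 5.3 through 5.3.8 (fixed in 5.3.9).
# in_bulletin_range is a hypothetical helper name.

in_bulletin_range() {
    # Drop any distro/local suffix: "5.3.7-301.fc31.x86_64" -> "5.3.7"
    base=${1%%[-+_]*}
    case $base in
        ''|*[!0-9.]*|.*|*..*|*.) echo unknown; return 0 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $base            # split on dots into major, minor, patch
    IFS=$old_ifs
    major=$1; minor=${2:-0}; patch=${3:-0}
    if [ "$major" -eq 5 ] && [ "$minor" -eq 3 ] && [ "$patch" -le 8 ]; then
        echo affected       # inside the range the bulletin lists
    else
        echo not-listed     # outside the range; the bulletin says nothing more
    fi
}

# Check the running kernel, or a release string passed as the first argument.
release=${1:-$(uname -r)}
printf '%s: %s\n' "$release" "$(in_bulletin_range "$release")"
```

A `not-listed` result only means the release is outside the 5.3 - 5.3.8 range given here, not that the kernel is free of these issues.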


