Slackware Linux update for Slackware 14.2 kernel
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 12 |
| CVE-ID | CVE-2019-12614 CVE-2019-15291 CVE-2019-15917 CVE-2019-18660 CVE-2019-18683 CVE-2019-19057 CVE-2019-19062 CVE-2019-19063 CVE-2019-19227 CVE-2019-19332 CVE-2019-19338 CVE-2019-19524 |
| CWE-ID | CWE-476 CWE-416 CWE-200 CWE-362 CWE-401 CWE-787 CWE-399 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #11 is available. |
| Vulnerable software Subscribe |
Slackware Linux Operating systems & Components / Operating system |
| Vendor | Slackware |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) NULL pointer dereference
EUVDB-ID: #VU20490
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-12614
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dreference error in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c due to kstrdup of prop->name. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) NULL pointer dereference
EUVDB-ID: #VU20918
Risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-15291
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the "flexcop_usb_probe" function in the "drivers/media/usb/b2c2/flexcop-usb.c" driver. A local attacker with physical access can use a malicious USB device and perform a denial of service (DoS) attack.
MitigationUpdate the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use-after-free
EUVDB-ID: #VU24172
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-15917
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. A remote attacker with physical proximity to the system can send specially crafted Bluetoth data and execute arbitrary code.
Update the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU23082
Risk: Low
CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-18660
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to absent protection in Linux kernel on powerpc against the Spectre-RSB, related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c. A local user can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Race condition
EUVDB-ID: #VU22567
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-18683
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition, caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
Successful exploitation of the vulnerability requires access to /dev/video0.
MitigationUpdate the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Memory leak
EUVDB-ID: #VU23023
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19057
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the "mwifiex_pcie_init_evt_ring()" function in "drivers/net/wireless/marvell/mwifiex/pcie.c" file. A remote attacker on the local network can cause a denial of service condition (memory consumption) by triggering "mwifiex_map_pci_memory()" failures.
MitigationUpdate the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Memory leak
EUVDB-ID: #VU23019
Risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19062
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the "crypto_report()" function in "crypto/crypto_user_base.c" file. A local attacker can cause a denial of service condition (memory consumption) by triggering "crypto_report_alg()" failures.
MitigationUpdate the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Memory leak
EUVDB-ID: #VU23032
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19063
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the "rtl_usb_probe()" function in "drivers/net/wireless/realtek/rtlwifi/usb.c" file. A remote attacker on the local network can cause a denial of service condition (memory consumption).Mitigation
Update the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) NULL pointer dereference
EUVDB-ID: #VU30584
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19227
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122. A remote attacker can perform a denial of service (DoS) attack.
MitigationUpdate the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Out-of-bounds write
EUVDB-ID: #VU28404
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19332
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to damange or delete data.
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
MitigationUpdate the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Resource management error
EUVDB-ID: #VU26406
Risk: Low
CVSSv3.1: 5.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-19338
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to incomplete fix for Transaction Asynchronous Abort (TAA) issue on certain Intel CPUs (CVE-2019-11135). A local user on a guest operating system can exploit this vulnerability to gain access to sensitive information.
Update the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
12) Use-after-free
EUVDB-ID: #VU24171
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19524
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to use-after-free error in the drivers/input/ff-memless.c driver. A local user can use a malicious USB device to trigger use-after-free error and execute arbitrary code on the system with elevated privileges.
MitigationUpdate the affected package Slackware 14.2 kernel.
Vulnerable software versionsSlackware Linux: 14.2
External linkshttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
