SB2019110729 - Multiple vulnerabilities in Linux kernel
Published: November 7, 2019 Updated: January 21, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) Memory leak (CVE-ID: CVE-2019-18809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the "af9005_identify_state()" function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows a local user to cause a denial of service (memory consumption).
2) Memory leak (CVE-ID: CVE-2019-18812)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the "sof_dfsentry_write()" function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows a local user to cause a denial of service (memory consumption).
3) Memory leak (CVE-ID: CVE-2019-18811)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the "sof_set_get_large_ctrl_data()" function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows a local user to cause a denial of service (memory consumption) by triggering "sof_get_ctrl_copy_params()" failures.
4) Memory leak (CVE-ID: CVE-2019-18813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the "dwc3_pci_probe()" function in "drivers/usb/dwc3/dwc3-pci.c" in the Linux kernel through 5.3.9 allows local user to cause a denial of service (memory consumption) by triggering "platform_device_add_properties()" failures.
5) Use-after-free (CVE-ID: CVE-2019-18814)
The vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when "aa_label_parse()" fails in "aa_audit_rule_init()" in security/apparmor/audit.c. A local user can execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
6) Memory leak (CVE-ID: CVE-2019-18808)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the "ccp_run_sha_cmd()" function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows a local user to cause a denial of service (memory consumption).
Remediation
Install update from vendor's website.
References
- http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html
- https://github.com/torvalds/linux/commit/2289adbfa559050d2a38bcd9caac1c18b800e928
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/
- https://security.netapp.com/advisory/ntap-20191205-0001/
- https://github.com/torvalds/linux/commit/c0a333d842ef67ac04adc72ff79dc1ccc3dca4ed
- https://github.com/torvalds/linux/commit/45c1380358b12bf2d1db20a5874e9544f56b34ab
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9bbfceea12a8f145097a27d7c7267af25893c060
- https://lore.kernel.org/patchwork/patch/1142523/
- https://support.f5.com/csp/article/K21561554?utm_source=f5support&utm_medium=RSS
- https://github.com/torvalds/linux/commit/128c66429247add5128c03dc1e144ca56f05a4e2