Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K88125023
HistoryApr 02, 2020 - 12:00 a.m.

K88125023 : Linux kernel vulnerabilities CVE-2019-16921, CVE-2019-18683, CVE-2019-18805

2020-04-0200:00:00
my.f5.com
124

8.5 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.4%

JSON

Security Advisory Description

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.

Impact

There is no impact; F5 products are not affected by this vulnerability.

Related

cve 3
symantec 2
redhatcve 3
ubuntucve 3
veracode 1
prion 3
debiancve 3
nvd 3
cvelist 3
ptsecurity 1
kitploit 1
nessus 33
openvas 30
redhat 3
suse 3
ubuntu 6
slackware 1
oraclelinux 1
photon 5
cloudfoundry 1
debian 1
osv 1
androidsecurity 1
cve
cve
CVE-2019-16921
2019-09-27 13:15:10
CVE-2019-18683
2019-11-04 16:15:11
CVE-2019-18805
2019-11-07 14:15:11
symantec
symantec
Linux Kernel CVE-2019-16921 Information Disclosure Vulnerability
2018-03-19 00:00:00
Linux Kernel CVE-2019-18805 Integer Overflow Vulnerability
2019-04-17 00:00:00
redhatcve
redhatcve
CVE-2019-16921
2019-10-16 14:21:27
CVE-2019-18683
2019-11-13 07:07:28
CVE-2019-18805
2020-01-05 04:06:44
ubuntucve
ubuntucve
CVE-2019-16921
2019-09-27 00:00:00
CVE-2019-18683
2019-11-04 00:00:00
CVE-2019-18805
2019-11-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:24:41
prion
prion
Race condition
2019-11-04 16:15:00
Integer overflow
2019-11-07 14:15:00
Session fixation
2019-09-27 13:15:00
debiancve
debiancve
CVE-2019-18805
2019-11-07 14:15:11
CVE-2019-16921
2019-09-27 13:15:10
CVE-2019-18683
2019-11-04 16:15:11
nvd
nvd
CVE-2019-16921
2019-09-27 13:15:10
CVE-2019-18805
2019-11-07 14:15:11
CVE-2019-18683
2019-11-04 16:15:11
cvelist
cvelist
CVE-2019-18805
2019-11-07 13:08:05
CVE-2019-16921
2019-09-27 12:07:23
CVE-2019-18683
2019-11-04 15:36:14
ptsecurity
ptsecurity
PT-2019-05: Local privilege escalation
2019-01-11 00:00:00
kitploit
kitploit
Kconfig-Hardened-Check - A Tool For Checking The Hardening Options In The Linux Kernel Config
2021-06-18 21:30:00
nessus
nessus
openSUSE Security Update : the Linux Kernel (openSUSE-2019-2507)
2019-11-15 00:00:00
RHEL 7 : kernel-alt (RHSA-2020:0740)
2020-03-10 00:00:00
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4254-1)
2020-01-28 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2507-1)
2020-01-09 00:00:00
Ubuntu: Security Advisory (USN-4254-1)
2020-01-29 00:00:00
Ubuntu: Security Advisory (USN-4254-2)
2022-08-26 00:00:00
redhat
redhat
(RHSA-2020:0740) Important: kernel-alt security and bug fix update
2020-03-09 13:16:17
(RHSA-2020:1769) Important: kernel security, bug fix, and enhancement update
2020-04-28 09:13:52
(RHSA-2020:1567) Important: kernel-rt security, bug fix, and enhancement update
2020-04-28 08:51:22
suse
suse
Security update for the Linux Kernel (important)
2019-11-14 00:00:00
Security update for the Linux Kernel (important)
2019-11-14 00:00:00
Security update for the Linux Kernel (important)
2019-12-12 00:00:00
ubuntu
ubuntu
Linux kernel (Xenial HWE) vulnerabilities
2020-01-29 00:00:00
Linux kernel vulnerabilities
2020-01-28 00:00:00
Linux kernel vulnerabilities
2020-01-29 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2020-01-08 22:45:25
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2020-05-05 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0236
2019-05-30 00:00:00
Critical Photon OS Security Update - PHSA-2019-0236
2019-05-30 00:00:00
Critical Photon OS Security Update - PHSA-2019-0160
2019-05-24 00:00:00
cloudfoundry
cloudfoundry
USN-4287-1: Linux kernel vulnerabilities | Cloud Foundry
2020-03-10 00:00:00
debian
debian
[SECURITY] [DLA 2114-1] linux-4.9 security update
2020-03-02 18:14:56
osv
osv
linux-4.9 - security update
2020-02-21 00:00:00
androidsecurity
androidsecurity
Pixel Update Bulletinβ€”June 2020
2020-06-01 00:00:00

8.5 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.4%

JSON
Related for F5:K88125023
cve3symantec2redhatcve3ubuntucve3veracode1prion3debiancve3nvd3cvelist3ptsecurity1kitploit1nessus33openvas30redhat3suse3ubuntu6slackware1oraclelinux1photon5cloudfoundry1debian1osv1androidsecurity1