ALT Linux Team

Package kernel-image-un-def update in sisyphus on 2019-04-03

ALT-PU-2019-1584-1

Package kernel-image-un-def updated to version 5.0.6-alt1 for branch sisyphus in task 226441.

Closed vulnerabilities

Published: 2019-03-29

BDU:2020-00357

Уязвимость функции drop_sysctl_table() ядра операционных систем Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2019-03-19

BDU:2020-03025

Уязвимость функций rx_queue_add_kobject() и netdev_queue_add_kobject() (net/core/net-sysfs.c) ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на целостность данных

Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
References:
Published: 2019-09-04
Modified: 2024-11-21

CVE-2019-15921

An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.

Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2019-12-28
Modified: 2024-11-21

CVE-2019-20054

In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2020-06-03
Modified: 2024-11-21

CVE-2019-20811

An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top