ALT Linux Team

Package kernel-image-un-def update in sisyphus on 2019-08-16

ALT-PU-2019-2487-1

Package kernel-image-un-def updated to version 5.2.9-alt1 for branch sisyphus in task 236203.

Closed vulnerabilities

Published: 2019-08-02

BDU:2020-00291

Уязвимость драйвера drivers/net/can/usb/peak_usb/pcan_usb_fd.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию

Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM (4.9) Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
References:
Published: 2019-08-05

BDU:2020-00297

Уязвимость драйвера drivers/usb/misc/yurex.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

Severity: MEDIUM (6.8) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH (7.2) Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2019-08-02

BDU:2020-00298

Уязвимость драйвера drivers/net/can/usb/peak_usb/pcan_usb_pro.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию

Severity: MEDIUM (4.6) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM (4.9) Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
References:
Published: 2019-12-03
Modified: 2024-11-21

CVE-2019-19531

In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.

Severity: MEDIUM (4.6) Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Severity: MEDIUM (6.8) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2019-12-03
Modified: 2024-11-21

CVE-2019-19535

In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042.

Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2019-12-03
Modified: 2024-11-21

CVE-2019-19536

In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.

Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top