Debian LTS: DLA-2241-1 Critical: Linux Kernel Privilege Escalation
debian lts
June 9, 2020
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks
Summary
A race condition was found in the ext4 filesystem implementation.
A local user could exploit this to cause a denial of service
(filesystem corruption).
CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14613
Wen Xu from SSLab at Gatech reported that crafted Btrfs volumes
could trigger a crash (Oops) and/or out-of-bounds memory access.
An attacker able to mount such a volume could use this to cause a
denial of service or possibly for privilege escalation.
CVE-2019-5108
Mitchell Frank of Cisco discovered that when the IEEE 802.11
(WiFi) stack was used in AP mode with roaming, it would trigger
roaming for a newly associated station before the station was
authenticated. An attacker within range of the AP could use this
to cause a denial of service, either by filling up a switching
table or by redirecting traffic away from other stations.
CVE-2019-19319
Jungyeon discovered that a crafted filesystem can cause the ext4
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
<pre><font face="Courier">Package: linux
Version: 3.16.84-1
CVE ID: CVE-2015-8839 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!