
Debian 8: DLA-2242-1 Moderate: Linux 4.9 Privilege Escalation

debian lts
June 10, 2020
Update the Linux kernel version 4.9 on Debian 8 to address various vulnerabilities, such as privilege escalation and denial-of-service attacks.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

Summary

CVE-2019-2182

Hanjun Guo and Lei Li reported a race condition in the arm64
virtual memory management code, which could lead to an information
disclosure, denial of service (crash), or possibly privilege
escalation.

CVE-2019-5108

Mitchell Frank of Cisco discovered that when the IEEE 802.11
(WiFi) stack was used in AP mode with roaming, it would trigger
roaming for a newly associated station before the station was
authenticated. An attacker within range of the AP could use this
to cause a denial of service, either by filling up a switching
table or by redirecting traffic away from other stations.

CVE-2019-19319

Jungyeon discovered that a crafted filesystem can cause the ext4
implementation to deallocate or reallocate journal blocks. A user
permitted to mount filesystems could use this to cause a denial of
service (crash), or possibly for privilege escalation.

CVE-2019-19462

The syzbot tool found a missing error check in the 'relay'



Package: linux-4.9
Version: 4.9.210-1+deb9u1~deb8u1
CVE ID: CVE-2019-2182 CVE-2019-5108 CVE-2019-19319 CVE-2019-19462
Debian Bug: 952660
