
Debian 9 Stretch: DLA-2420-2 Critical: Kernel Regression Update

Debian LTS, October 31, 2020
DLA-2420-2 updates the Linux kernel in Debian, addressing critical vulnerabilities and regressions and mitigating potential denial-of-service threats.
This update corrects a regression in some Xen virtual machine environments.

Summary

CVE-2019-9445

A potential out-of-bounds read was discovered in the F2FS
implementation. A user permitted to mount and access arbitrary
filesystems could potentially use this to cause a denial of
service (crash) or to read sensitive information.

CVE-2019-19073, CVE-2019-19074

Navid Emamdoost discovered potential memory leaks in the ath9k and
ath9k_htc drivers. The security impact of these is unclear.

CVE-2019-19448

"Team bobfuzzer" reported a bug in Btrfs that could lead to a
use-after-free, and could be triggered by crafted filesystem
images. A user permitted to mount and access arbitrary
filesystems could use this to cause a denial of service (crash or
memory corruption) or possibly for privilege escalation.

CVE-2020-12351

Andy Nguyen discovered a flaw in the Bluetooth implementation in
the way L2CAP packets with A2MP CID are handled. A remote attacker
within a short distance, knowing the victim's Bluetooth device



Severity: Critical

Package: linux
Version: 4.9.240-2
CVE ID: CVE-2019-9445 CVE-2019-19073 CVE-2019-19074 CVE-2019-19448
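
An added example, not part of the original advisory: a Python triage check that reports whether the running kernel is at or above the version listed above and which modules tied to these CVEs are loaded. The module names, the `uname -v` parsing and the sample inputs are assumptions or constructed values.

```python
import re

FIXED = "4.9.240-2"  # version of source package "linux" listed in this advisory
# Assumption: kernel module names for the subsystems the advisory names.
ATH9K = ["CVE-2019-19073", "CVE-2019-19074"]
AFFECTED = {"f2fs": ["CVE-2019-9445"], "btrfs": ["CVE-2019-19448"],
            "ath9k": ATH9K, "ath9k_htc": ATH9K, "bluetooth": ["CVE-2020-12351"]}
# Constructed sample inputs (not taken from a real host).
SAMPLE_UNAME_V = "#1 SMP Debian 4.9.228-1 (2020-07-05)"
SAMPLE_PROC_MODULES = ("btrfs 1060864 0 - Live 0x0\n"
                       "bluetooth 552960 5 - Live 0x0\next4 585728 1 - Live 0x0\n")

def _order(c):  # dpkg ordering: '~' first, then end of string, letters, others
    return -1 if c == "~" else 0 if c == "" else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    while a or b:
        # compare the leading non-digit runs character by character
        while (a and not a[0].isdigit()) or (b and not b[0].isdigit()):
            ca = a[0] if a and not a[0].isdigit() else ""
            cb = b[0] if b and not b[0].isdigit() else ""
            if _order(ca) != _order(cb):
                return -1 if _order(ca) < _order(cb) else 1
            a, b = a[len(ca):], b[len(cb):]
        # then the leading digit runs numerically (an empty run counts as 0)
        na, nb = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        if int(na or 0) != int(nb or 0):
            return -1 if int(na or 0) < int(nb or 0) else 1
        a, b = a[len(na):], b[len(nb):]
    return 0

def deb_cmp(v1, v2):
    """Compare two Debian version strings; returns -1, 0 or 1."""
    def split(v):
        epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
        upstream, _, rev = rest.rpartition("-") if "-" in rest else (rest, "", "")
        return int(epoch), upstream, rev
    (e1, u1, r1), (e2, u2, r2) = split(v1), split(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    return _cmp_part(u1, u2) or _cmp_part(r1, r2)

def triage(uname_v, proc_modules):
    """Return (running version, at-or-above FIXED?, loaded affected modules)."""
    m = re.search(r"Debian (\S+)", uname_v)  # Debian kernels report the package version here
    ver = m.group(1) if m else None
    fixed = ver is not None and deb_cmp(ver, FIXED) >= 0
    loaded = {line.split()[0] for line in proc_modules.splitlines() if line.strip()}
    return ver, fixed, {} if fixed else {k: v for k, v in AFFECTED.items() if k in loaded}
```

On a host, pass the output of `uname -v` and the contents of /proc/modules; checking the running kernel rather than the installed package catches machines that were upgraded but not rebooted. A module that is not currently loaded may still be loaded later, for example when a filesystem is mounted.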
