Mao Wenan - Security Researcher - Exploit Intelligence Platform

CVE-2019-11815 WRITEUP HIGH WRITEUP

Linux kernel <5.0.8 - Use After Free

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

CVSS 8.1

View Code

CVE-2019-16994 WRITEUP MEDIUM WRITEUP

Linux Kernel < 5.0 - Denial of Service via Memory Leak in sit_init_net()

In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.

CVSS 4.7

View Code

CVE-2019-16995 WRITEUP HIGH WRITEUP

Linux Kernel 3.17-5.0.2 - Use-After-Free in HSR Device Finalization

In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.

CVSS 7.5

View Code

CVE-2019-18680 WRITEUP HIGH WRITEUP

Linux Kernel 4.4.179-4.4.194 - Denial of Service via NULL Pointer Dereference in rds_tcp_kill_sock()

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0.

CVSS 7.5

View Code