YueHaibing - Security Researcher - Exploit Intelligence Platform

CVE-2019-12818 WRITEUP HIGH WRITEUP

Linux Kernel < 4.20.15 - Denial of Service via NFC LLCP TLV Builder

An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c.

CVSS 7.5

View Code

CVE-2019-12819 WRITEUP MEDIUM WRITEUP

Linux Kernel < 5.0 - Use-After-Free in MDIO Bus Registration

An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.

CVSS 5.5

View Code

CVE-2019-15090 WRITEUP MEDIUM WRITEUP

Linux Kernel < 5.1.12 - Out-of-bounds Read in qedi_dbg Functions

An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.

CVSS 6.7

View Code

CVE-2019-15921 WRITEUP MEDIUM WRITEUP

Linux kernel <5.0.6 - Memory Corruption

An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.

CVSS 4.7

View Code

CVE-2019-15922 WRITEUP MEDIUM WRITEUP

Linux kernel <5.0.9 - Null Pointer Dereference

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.

CVSS 5.5

View Code

CVE-2019-15923 WRITEUP MEDIUM WRITEUP

Linux kernel <5.0.9 - Null Pointer Dereference

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.

CVSS 5.5

View Code

CVE-2019-20806 WRITEUP MEDIUM WRITEUP

Linux Kernel < 5.2 - Denial of Service via NULL Pointer Dereference in tw5864_handle_frame

An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75.

CVSS 4.4

View Code

CVE-2021-38205 WRITEUP LOW WRITEUP

Linux kernel <5.13.3 - Info Disclosure

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).

CVSS 3.3

View Code