CVSS Base Vector:
The remote host is missing an update for the 'linux'
Linux Distribution Package(s) announced via the DSA-1930-1 advisory.
Checks if a vulnerable Linux Distribution Package version is present on the target host.
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
A race condition was discovered in the GFS2 file-system
implementation, which could lead to a use-after-free. On a system
using GFS2, a local attacker could use this for denial of service
(memory corruption or crash) or possibly for privilege escalation.
It was discovered that the XFS file-system implementation did not
correctly handle some mount failure conditions, which could lead
to a use-after-free. The security impact of this is unclear.
It was discovered that the rsi wifi driver did not correctly
handle some failure conditions, which could lead to a
use-after-free. The security impact of this is unclear.
It was discovered that the wifi soft-MAC implementation (mac80211)
did not properly authenticate Tunneled Direct Link Setup (TDLS)
messages. A nearby attacker could use this for denial of service
(loss of wifi connectivity).
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen
discovered a weakness in the Bluetooth pairing protocols, dubbed
the 'KNOB attack'. An attacker that is nearby during pairing
could use this to weaken the encryption used between the paired
devices, and then to eavesdrop on and/or spoof communication
This update mitigates the attack by requiring a minimum encryption
key length of 56 bits.
CVE-2019-14814, CVE-2019-14815, CVE-2019-14816
Multiple bugs were discovered in the mwifiex wifi driver, which
could lead to heap buffer overflows. A local user permitted to
configure a device handled by this driver could probably use this
for privilege escalation.
Matt Delco reported a race condition in KVM's coalesced MMIO
facility, which could lead to out-of-bounds access in the kernel.
A local attacker permitted to access /dev/kvm could use this to
cause a denial of service (memory corruption or crash) or possibly
for privilege escalation.
Peter Pi of Tencent Blade Team discovered a missing bounds check
in vhost_net, the network back-end driver for KVM hosts, leading
to a buffer overflow when the host begins live migration of a VM.
An attacker in control of a VM could use this to cause a denial of
service (memory corruption or crash) or possibly for privilege
escalation on the host.
Hui Peng and Mathias Payer reported a missing bounds check in the
usb-audio driver's descriptor parsing code, leading to a buffer
over-read. An attacker able to add USB devices could possibly use
this to cause a deni ...
Description truncated. Please see the references for more information.
'linux' Linux Distribution Package(s) on Debian Linux.
For Debian 8 'Jessie', these problems have been fixed in version
We recommend that you upgrade your 'linux' Linux Distribution Packages.
NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)
Linux Distribution Package