Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian LTS Advisory ([SECURITY] [DLA 2068-1] linux security update)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'linux' package(s) announced via the DSA-2068-1 advisory.
Insight
Insight
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2019-2215 The syzkaller tool discovered a use-after-free vulnerability in the Android binder driver. A local user on a system with this driver enabled could use this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation. However, this driver is not enabled on Debian packaged kernels. CVE-2019-10220 Various developers and researchers found that if a crafted file- system or malicious file server presented a directory with filenames including a '/' character, this could confuse and possibly defeat security checks in applications that read the directory. The kernel will now return an error when reading such a directory, rather than passing the invalid filenames on to user-space. CVE-2019-14895, CVE-2019-14901 ADLab of Venustech discovered potential heap buffer overflows in the mwifiex wifi driver. On systems using this driver, a malicious Wireless Access Point or adhoc/P2P peer could use these to cause a denial of service (memory corruption or crash) or possibly for remote code execution. CVE-2019-14896, CVE-2019-14897 ADLab of Venustech discovered potential heap and stack buffer overflows in the libertas wifi driver. On systems using this driver, a malicious Wireless Access Point or adhoc/P2P peer could use these to cause a denial of service (memory corruption or crash) or possibly for remote code execution. CVE-2019-15098 Hui Peng and Mathias Payer reported that the ath6kl wifi driver did not properly validate USB descriptors, which could lead to a null pointer derefernce. An attacker able to add USB devices could use this to cause a denial of service (BUG/oops). CVE-2019-15217 The syzkaller tool discovered that the zr364xx mdia driver did not correctly handle devices without a product name string, which could lead to a null pointer dereference. An attacker able to add USB devices could use this to cause a denial of service (BUG/oops). CVE-2019-15291 The syzkaller tool discovered that the b2c2-flexcop-usb media driver did not properly validate USB descriptors, which could lead to a null pointer dereference. An attacker able to add USB devices could use this to cause a denial of service (BUG/oops). CVE-2019-15505 The syzkaller tool discovered that the technisat-usb2 media driver did not properly validate incoming IR packets, which could lead to a heap buffer over-read. An attacker able to add USB devices could use this to cause a denial of service (BUG/oops) or to read sensitive information from kernel memory. ... Description truncated. Please see the references for more information.
Affected Software
Affected Software
'linux' package(s) on Debian Linux.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
For Debian 8 'Jessie', these problems have been fixed in version 3.16.81-1. We recommend that you upgrade your linux packages.
Common Vulnerabilities and Exposures (CVE)
- CVE-2019-10220
- CVE-2019-14895
- CVE-2019-14896
- CVE-2019-14897
- CVE-2019-14901
- CVE-2019-15098
- CVE-2019-15217
- CVE-2019-15291
- CVE-2019-15505
- CVE-2019-16746
- CVE-2019-17052
- CVE-2019-17053
- CVE-2019-17054
- CVE-2019-17055
- CVE-2019-17056
- CVE-2019-17133
- CVE-2019-17666
- CVE-2019-19051
- CVE-2019-19052
- CVE-2019-19056
- CVE-2019-19057
- CVE-2019-19062
- CVE-2019-19066
- CVE-2019-19227
- CVE-2019-19332
- CVE-2019-19523
- CVE-2019-19524
- CVE-2019-19527
- CVE-2019-19530
- CVE-2019-19531
- CVE-2019-19532
- CVE-2019-19533
- CVE-2019-19534
- CVE-2019-19536
- CVE-2019-19537
- CVE-2019-19767
- CVE-2019-19922
- CVE-2019-19947
- CVE-2019-19965
- CVE-2019-19966
- CVE-2019-2215