Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-18 CVE-2019-19055 Memory Leak vulnerability in multiple products
A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929.
local
low complexity
canonical fedoraproject linux CWE-401
5.5
2019-11-18 CVE-2019-19054 Memory Leak vulnerability in multiple products
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
4.7
2019-11-18 CVE-2019-19051 Memory Leak vulnerability in multiple products
A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.
local
low complexity
linux debian canonical opensuse CWE-401
5.5
2019-11-18 CVE-2019-19047 Memory Leak vulnerability in multiple products
A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5.
local
low complexity
linux canonical CWE-401
5.5
2019-11-18 CVE-2019-19045 Memory Leak vulnerability in multiple products
A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.
local
low complexity
linux canonical opensuse CWE-401
4.4
2019-11-18 CVE-2019-19043 Memory Leak vulnerability in multiple products
A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459.
local
low complexity
linux canonical fedoraproject CWE-401
5.5
2019-11-14 CVE-2019-18978 Path Traversal vulnerability in multiple products
An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby.
network
low complexity
rack-cors-project debian canonical CWE-22
5.3
2019-11-14 CVE-2018-12207 Improper Input Validation vulnerability in multiple products
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
6.5
2019-11-14 CVE-2019-11135 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. 6.5
2019-11-14 CVE-2019-0154 Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
canonical intel
5.5