RHSA-2020:1016MediumCVSS 8.4

Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Published
March 31, 2020
Last Modified
June 27, 2026

🔗 CVE IDs covered (25)

📋 Description

CVE-2015-9289 — kernel: out of bound read in DVB connexant driver. CVE-2017-17807 — kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission CVE-2018-7191 — kernel: denial of service via ioctl call in network tun handling CVE-2018-19985 — kernel: oob memory read in hso_probe in drivers/net/usb/hso.c CVE-2018-20169 — kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS CVE-2019-3901 — kernel: perf_event_open() and execve() race in setuid programs allows a data leak CVE-2019-5108 — kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS CVE-2019-9503 — kernel: brcmfmac frame validation bypass CVE-2019-10207 — kernel: null-pointer dereference in hci_uart_set_flow_control CVE-2019-10638 — Kernel: net: weak IP ID generation leads to remote device tracking CVE-2019-10639 — Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR CVE-2019-11190 — kernel: ASLR bypass for setuid binaries due to late install_exec_creds() CVE-2019-11884 — kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command CVE-2019-12382 — kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service CVE-2019-13233 — kernel: use-after-free in arch/x86/lib/insn-eval.c CVE-2019-13648 — kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call CVE-2019-14283 — kernel: integer overflow and OOB read in drivers/block/floppy.c CVE-2019-14814 — kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS CVE-2019-14815 — kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS CVE-2019-15090 — kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure CVE-2019-15214 — kernel: use-after-free in sound/core/init.c and sound/core/info.c CVE-2019-15221 — kernel: Null pointer dereference in the sound/usb/line6/pcm.c CVE-2019-15916 — kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service CVE-2019-16746 — kernel: buffer-overflow hardening in WiFi beacon validation code. CVE-2019-18660 — kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure

🔗 References (38)