ASA-2019-00647 – Facebook WhatsApp: A stack-based buffer overflow by sending a specially crafted MP4 file

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.

ASA-2019-00640 – Linux kernel: Memory leak in komeda_wb_connector_add()

A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures.

ASA-2019-00639 – Linux kernel: Memory leak in sof_set_get_large_ctrl_data()

A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures.

ASA-2019-00637 – Linux kernel: Memory leak in dwc3_pci_probe()

A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures.