ASA-2019-00658 – Linux kernel: Mounting a crafted btrfs filesystem image can lead to a use-after-free through syncfs system call

Mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.

ASA-2019-00657 – Linux kernel: Use-after-free vulnerability when deleting a file from a recently unmounted specially crafted ext4 filesystem

A flaw was found in the Linux kernel's ext4_unlink function. An attacker could corrupt memory or escalate privileges when deleting a file from a recently unmounted specially crafted ext4 filesystem, including local, USB, and iSCSI.

ASA-2019-00654 – Linux kernel: Memory corruption due to the use of cached fpu_fpregs_owner_ctx

fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonstrated by mishandling of signal-based non-cooperative preemption in Go 1.14 prereleases on amd64.

ASA-2019-00644 – Linux kernel: A memory leak in ql_alloc_large_buffers()

A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures.

ASA-2019-00643 – Linux kernel: Two memory leaks in sja1105_static_config_upload()

Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures.

ASA-2019-00641 – Linux kernel: Memory leak in af9005_identify_state()

A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel allows attackers to cause a denial of service (memory consumption).

ASA-2019-00640 – Linux kernel: Memory leak in komeda_wb_connector_add()

A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures.