ASA-2019-00644 – Linux kernel: A memory leak in the ql_alloc_large_buffers() function

A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures.

ASA-2019-00643 – Linux kernel: Two memory leaks in the sja1105_static_config_upload() function

Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures.

ASA-2019-00635 – Linux kernel: Signed integer overflow in tcp_ack_update_rtt()

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact.