Allele Security Intelligence

ASA-2019-00644 – Linux kernel: A memory leak in ql_alloc_large_buffers()

Posted on December 4, 2019December 10, 2019 by Allele Security Intelligence in Alerts

A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures.

ASA-2019-00643 – Linux kernel: Two memory leaks in sja1105_static_config_upload()

Posted on December 4, 2019December 10, 2019 by Allele Security Intelligence in Alerts

Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures.

ASA-2019-00642 – Linux kernel: A memory leak in ccp_run_sha_cmd()

Posted on December 4, 2019December 10, 2019 by Allele Security Intelligence in Alerts

A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel allows attackers to cause a denial of service (memory consumption).

ASA-2019-00639 – Linux kernel: Memory leak in sof_set_get_large_ctrl_data()

Posted on November 8, 2019November 25, 2019 by Allele Security Intelligence in Alerts

A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures.

ASA-2019-00638 – Linux kernel: Memory leak in sof_dfsentry_write()

Posted on November 8, 2019November 25, 2019 by Allele Security Intelligence in Alerts

A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel allows attackers to cause a denial of service (memory consumption).

ASA-2019-00637 – Linux kernel: Memory leak in dwc3_pci_probe()

Posted on November 8, 2019November 25, 2019 by Allele Security Intelligence in Alerts

A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures.

ASA-2019-00111 – BIND: A specially crafted packet can cause named to leak memory

Posted on February 26, 2019February 26, 2019 by Allele Security Intelligence in Alerts

A failure to free memory can occur when processing messages having a specific combination of EDNS options. By exploiting this condition, an attacker can potentially cause named's memory use to grow without bounds until all memory available to the process is exhausted. Typically a server process is limited as to the amount of memory it can use but if the named process is not limited by the operating system all free memory on the server could be exhausted.

ASA-2019-00034 – OpenBSD: The mincore() system call can be used to observe memory access patterns of other processes

Posted on January 28, 2019March 28, 2019 by Allele Security Intelligence in Alerts

The mincore() system call can be used to observe memory access patterns of other processes.