Robert Frohl

#10749of 53,634
25.6Total CVSS
Vulnerabilities · 4
Medium
3
High
1
PT-2019-4947
6.8
2019-10-22
Linux · Linux Kernel · CVE-2019-19046
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 5.3.11 **Description** The issue is related to a memory leak in the ` ipmi bmc register()` function, which can be triggered by causing the `ida simple get()` function to fail. This can lead to a denial of service due to memory consumption. However, it is noted that third parties dispute the relevance of this issue because an attacker cannot realistically control this failure at probe time. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-4096
5.5
2019-10-05
Linux · Linux Kernel · CVE-2019-19055
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 5.3.11 **Description** A memory leak in the `nl80211 get ftm responder stats()` function in `net/wireless/nl80211.c` allows attackers to cause a denial of service (memory consumption) by triggering `nl80211hdr put()` failures. This issue occurs on a code path where a successful allocation has already occurred, and its relevance is disputed by third parties. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-4207
7.8
2019-10-01
Linux · Linux Kernel · CVE-2019-19070
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 5.3.11 **Description** A memory leak in the `spi gpio probe()` function in `drivers/spi/spi-gpio.c` allows attackers to cause a denial of service by triggering `devm add action or reset()` failures. This issue is disputed by third parties because the system must have already been out of memory before the probe began. **Recommendations** For Linux kernel versions through 5.3.11, update to a version later than 5.3.11 to resolve the issue. As a temporary workaround, consider restricting system resources to prevent memory exhaustion.
PT-2018-14864
5.5
2018-11-12
Netwide · Netwide Assembler · CVE-2018-19209
**Name of the Vulnerable Software and Affected Versions** Netwide Assembler (NASM) version 2.14rc15 **Description** The issue is related to a NULL pointer dereference in the `find label` function located in `asm/labels.c`. This can lead to a denial of service (DoS) attack. **Recommendations** For Netwide Assembler (NASM) version 2.14rc15, consider avoiding the use of the `find label` function until a patch is available. As a temporary workaround, restrict access to the `asm/labels.c` module to minimize the risk of exploitation.