In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,CVE-2019-19319PUBLISHED: 2019-11-27
In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call.CVE-2019-18247PUBLISHED: 2019-11-27
An attacker may use a specially crafted message to force Relion 650 series (versions 188.8.131.52 and prior) or Relion 670 series (versions 184.108.40.206, 220.127.116.11, 18.104.22.168 and prior) to reboot, which could cause a denial of service.CVE-2019-18253PUBLISHED: 2019-11-27
An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 22.214.171.124, 126.96.36.199, RES670 188.8.131.52, 184.108.40.206, and prior) outside the intended directory.CVE-2019-18660PUBLISHED: 2019-11-27
The Linux kernel through 5.3.13 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and ..