SECALERTS
We found 35 new vulnerabilities in your software stack this week.
22 CRITICAL     13 MODERATE

Linux Kernel

CVE-2019-11487 The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.
CVE-2019-3882 A flaw was found in the Linux kernel's vfio interface implem...
CVE-2013-7470 cipso_v4_validate in include/net/cipso_ipv4.h in the Linux k...
CVE-2019-3901 A race condition in perf_event_open() allows local attackers...
CVE-2019-11486 The Siemens R3964 line discipline driver in drivers/tty/n_r3...

Thunderbird

CVE-2019-9791 The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVE-2019-9793 A mechanism was discovered that removes some bounds checking...
CVE-2018-18509 A flaw during verification of certain S/MIME signatures caus...
CVE-2019-9792 The IonMonkey just-in-time (JIT) compiler can leak an intern...
CVE-2019-9794 A vulnerability was discovered where specific command line a...
CVE-2019-9795 A vulnerability where type-confusion in the IonMonkey just-i...
CVE-2019-9801 Firefox will accept any registered Program ID as an external...
CVE-2019-9810 Incorrect alias information in IonMonkey JIT compiler for Ar...
CVE-2019-9813 Incorrect handling of __proto__ mutations may lead to type c...
CVE-2019-9796 A use-after-free vulnerability can occur when the SMIL anima...
CVE-2018-18513 A crash can occur when processing a crafted S/MIME message o...
CVE-2018-18512 A use-after-free vulnerability can occur while playing a sou...
CVE-2019-9790 A use-after-free vulnerability can occur when a raw pointer ...
CVE-2019-9788 Mozilla developers and community members reported memory saf...

Firefox

CVE-2019-9804 In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash on macOS. *Note: This issue only affects macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 66.
CVE-2018-5179 A service worker can send the activate event on itself perio...
CVE-2019-9802 If a Sandbox content process is compromised, it can initiate...
CVE-2019-9803 The Upgrade-Insecure-Requests (UIR) specification states tha...
CVE-2019-9797 Cross-origin images can be read in violation of the same-ori...
CVE-2019-9798 On Android systems, Firefox can load a library from APITRACE...
CVE-2019-9808 If WebRTC permission is requested from documents with data: ...
CVE-2019-9809 If the source for resources on a page is through an FTP conn...
CVE-2018-18511 Cross-origin images can be read from a canvas element in vio...
CVE-2019-9807 When arbitrary text is sent over an FTP connection and a pag...
CVE-2019-9805 A latent vulnerability exists in the Prio library where data...
CVE-2019-9806 A vulnerability exists during authorization prompting for FT...
CVE-2019-9799 Insufficient bounds checking of data during inter-process co...
CVE-2018-5124 Unsanitized output in the browser UI leaves HTML tags in pla...
CVE-2018-18510 The about:crashcontent and about:crashparent pages can be tr...
CVE-2019-9789 Mozilla developers and community members reported memory saf...
Copyright 2019 SecAlerts.