Preface: Cyber attack similar real world. There are different types of ideas and concepts in the world make humans become extreme. So we have war and different arguments. Besides, there are bacteria and virus try to infect our body. Kernel like tiny world, they also hits above circumstances.
CVE-2019-10639 – Linux Kernel IP ID Values Information Disclosure Vulnerability. The vulnerability exists because it is possible to extract the Kernel Address Space Layout Randomization (KASLR) kernel image offset of the affected software using the IP ID values that the kernel produces for connectionless protocols.
CVE-2019-10638 – Linux Kernel Connectionless Protocols IP ID Values Information Disclosure Vulnerability. The vulnerability exists because the affected software uses the IP ID values that the kernel produces for connectionless protocols.
Reference: The IDR provides the ability to map an ID to a pointer, while the IDA provides only ID allocation, and as a result is much more memory-efficient.
CVE-2018-20815 – The vulnerability is due to buffer errors in the deprecated load_image function, as defined in the device_tree.c source code file of the affected software.
Summary: The impact of above vulnerability especially CVE-2018-20815, a large footprint of impact to virtual machine software provider. IP ID Values Information Disclosure Vulnerabilities has been addressed by Kernel.org.
But Linux user must staying alert.
CVE-2019-10638, CVE-2019-10639 – https://www.kernel.org/