PT-2019-3111 · Linux+5 · Linux Kernel+5

Syzbot

Publicado

2019-04-16

Atualizado

2021-05-28

CVE-2019-15214

CVSS v2.0

6.9

Média

Vetor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.0.10

Description The issue is related to a use-after-free in the sound subsystem of the Linux kernel. This occurs because card disconnection causes certain data structures to be deleted too early, which is associated with the sound/core/init.c and sound/core/info.c components. Exploitation of this issue may allow an attacker to cause a denial of service.

Recommendations For Linux kernel versions prior to 5.0.10, update to version 5.0.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the sound subsystem to minimize the risk of exploitation.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2019-1762

ALT-PU-2019-1767

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2019-03094

CESA-2019_3517

CESA-2020_1016

CVE-2019-15214

DLA-1884-1

OPENSUSE-SU-2019:2173-1

OPENSUSE-SU-2019:2181-1

OPENSUSE-SU-2019_2173-1

OPENSUSE-SU-2019_2181-1

RHSA-2019:3517

RHSA-2019_3517

RHSA-2020:1016

RHSA-2020_1016

SUSE-SU-2019:2412-1

SUSE-SU-2019:2414-1

SUSE-SU-2019:2424-1

SUSE-SU-2019:2648-1

SUSE-SU-2019:2651-1

SUSE-SU-2019:2658-1

SUSE-SU-2019:2738-1

SUSE-SU-2019:2756-1

SUSE-SU-2019:2949-1

SUSE-SU-2019:2984-1

USN-4115-1

USN-4115-2

USN-4118-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2019-3111 · Linux+5 · Linux Kernel+5

CVE-2019-15214

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 703