PT-2019-3230 · Linux+3 · Linux Kernel+3

Hui Peng

·

Publicado

2019-08-14

·

Atualizado

2024-06-15

·

CVE-2019-15098

CVSS v2.0

4.9

Média

VetorAV:L/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.2.9
Description The issue is related to a driver error in the Linux kernel, specifically in the drivers/net/wireless/ath/ath6kl/usb.c file, which is associated with NULL pointer dereference errors. This can be exploited by an attacker to cause a denial of service. The error occurs due to an incomplete address in an endpoint descriptor.
Recommendations For Linux kernel versions prior to 5.2.9, update to version 5.2.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable driver to minimize the risk of exploitation.

Correção

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALT-PU-2019-2537
ALT-PU-2019-2545
ALT-PU-2019-2655
ALT-PU-2019-2746
ALT-PU-2019-3096
ALT-PU-2020-1198
ALT-PU-2020-1501
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2019-03220
CVE-2019-15098
DLA-2068-1
DLA-2114-1
OPENSUSE-SU-2019:2173-1
OPENSUSE-SU-2019:2181-1
OPENSUSE-SU-2019_2173-1
OPENSUSE-SU-2019_2181-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
SUSE-SU-2019:2412-1
SUSE-SU-2019:2414-1
SUSE-SU-2019:2424-1
SUSE-SU-2019:2648-1
SUSE-SU-2019:2651-1
SUSE-SU-2019:2658-1
SUSE-SU-2019:2738-1
SUSE-SU-2019:2756-1
SUSE-SU-2019:2949-1
SUSE-SU-2019:2950-1
SUSE-SU-2019:2984-1
USN-4184-1
USN-4185-1
USN-4186-1
USN-4186-2

Produtos afetados

Alt Linux
Linux Kernel
Suse
Ubuntu