PT-2019-4157 · Linux+5 · Linux Kernel+5

Dhananjay Arunesh

·

Publicado

2018-08-21

·

Atualizado

2025-09-29

·

CVE-2019-10207

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.18.0 Linux kernel versions 5.x.x
Description The issue is related to a flaw in the Linux kernel's Bluetooth implementation for UART, which can be exploited to cause a system crash. An attacker with local access and write permissions to the Bluetooth hardware could issue a specially crafted ioctl function call to exploit this issue. The flaw is associated with a null pointer dereference in various Bluetooth driver files.
Recommendations For Linux kernel versions prior to 4.18.0, update to version 4.18.0 or later to resolve the issue. For Linux kernel versions 5.x.x, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the Bluetooth hardware to minimize the risk of exploitation.

Exploit

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2018-2192
ALT-PU-2018-2210
ALT-PU-2019-1433
ALT-PU-2019-2366
ALT-PU-2019-2382
ALT-PU-2019-2401
ALT-PU-2019-2465
ALT-PU-2019-2481
ALT-PU-2019-3291
ALT-PU-2019-3343
ALT-PU-2019-3369
ALT-PU-2020-1025
ALT-PU-2020-1070
ALT-PU-2020-1421
ALT-PU-2020-1450
ALT-PU-2020-1714
BDU:2019-04744
CESA-2019_3309
CESA-2019_3517
CESA-2020_1016
CVE-2019-10207
DLA-1884-1
DLA-1885-1
DSA-4495-1
DSA-4497-1
ELSA-2019-3517
ELSA-2019-4820
ELSA-2020-1016
ELSA-2021-9534
MGASA-2019-0220
MGASA-2019-0221
MGASA-2019-0333
OPENSUSE-SU-2019:1923-1
OPENSUSE-SU-2019:1924-1
OPENSUSE-SU-2019_1923-1
OPENSUSE-SU-2019_1924-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2019:3309
RHSA-2019:3517
RHSA-2019_3309
RHSA-2019_3517
RHSA-2020:1016
RHSA-2020:1070
RHSA-2020_1016
RHSA-2020_1070
SUSE-SU-2019:2263-1
SUSE-SU-2019:2299-1
SUSE-SU-2019:2412-1
SUSE-SU-2019:2414-1
SUSE-SU-2019:2424-1
SUSE-SU-2019:2648-1
SUSE-SU-2019:2658-1
SUSE-SU-2019:2738-1
SUSE-SU-2019:2756-1
SUSE-SU-2019:2950-1
SUSE-SU-2019_2263-1
SUSE-SU-2019_2299-1
USN-4115-1
USN-4115-2
USN-4118-1
USN-4145-1
USN-4147-1

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu