PT-2019-4209 · Linux+5 · Linux Kernel+5

Publicado

2019-10-09

·

Atualizado

2021-05-28

·

CVE-2019-19058

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.11
Description A memory leak in the alloc sgtable() function in the Linux kernel allows attackers to cause a denial of service (memory consumption) by triggering alloc page() failures. This issue is related to the drivers/net/wireless/intel/iwlwifi/fw/dbg.c file. The vulnerability can be exploited by remote attackers to cause a denial of service.
Recommendations For Linux kernel versions prior to 5.3.11, update to a version that includes the fix for this issue to prevent memory leaks and potential denial of service attacks. As a temporary workaround, consider restricting access to the alloc sgtable() function to minimize the risk of exploitation.

Correção

DoS

Memory Leak

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401CWE-400

Identificadores relacionados

ALT-PU-2019-3180
ALT-PU-2019-3184
ALT-PU-2019-3268
ALT-PU-2020-1198
ALT-PU-2020-1421
ALT-PU-2020-1450
ALT-PU-2020-1501
ALT-PU-2020-1714
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2019-04806
CESA-2020_1567
CESA-2020_1769
CESA-2020_4060
CVE-2019-19058
OPENSUSE-SU-2019:2675-1
OPENSUSE-SU-2019_2675-1
RHSA-2020:1567
RHSA-2020:1769
RHSA-2020:4060
RHSA-2020:4062
RHSA-2020_1567
RHSA-2020_1769
RHSA-2020_4060
RHSA-2020_4062
SUSE-SU-2019:3200-1
SUSE-SU-2019:3289-1
SUSE-SU-2019:3316-1
SUSE-SU-2019:3317-1
SUSE-SU-2019:3371-1
SUSE-SU-2019:3372-1
SUSE-SU-2019:3381-1
SUSE-SU-2020:0093-1
SUSE-SU-2020:0599-1
SUSE-SU-2020:0613-1
USN-4300-1
USN-4301-1
USN-4302-1

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu