PT-2019-4285 · Linux+5 · Linux Kernel+5

Will Dormann

·

Publicado

2019-09-10

·

Atualizado

2023-01-17

·

CVE-2019-19074

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.11
Description The issue is related to a memory leak in the Linux kernel, specifically in the ath9k wmi cmd() function. This memory leak can be exploited by a remote attacker to cause a denial of service due to memory consumption. The problem is associated with uncontrolled resource consumption.
Recommendations For Linux kernel versions prior to 5.3.11, update to version 5.3.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable function ath9k wmi cmd() until a patch is available.

Correção

DoS

Memory Leak

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401CWE-400

Identificadores relacionados

ALT-PU-2019-3291
ALT-PU-2019-3343
ALT-PU-2019-3369
ALT-PU-2020-1198
ALT-PU-2020-1421
ALT-PU-2020-1450
ALT-PU-2020-1501
ALT-PU-2020-1714
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2020-2737
ALT-PU-2020-3454
ALT-PU-2021-1531
ALT-PU-2021-1840
BDU:2019-04892
CESA-2020_1567
CESA-2020_1769
CVE-2019-19074
DLA-2420-1
DLA-2420-2
OPENSUSE-SU-2019:2675-1
OPENSUSE-SU-2019_2675-1
RHSA-2020:1567
RHSA-2020:1769
RHSA-2020_1567
RHSA-2020_1769
SUSE-SU-2019:3200-1
SUSE-SU-2019:3289-1
SUSE-SU-2019:3316-1
SUSE-SU-2019:3317-1
SUSE-SU-2019:3371-1
SUSE-SU-2019:3372-1
SUSE-SU-2019:3379-1
SUSE-SU-2019:3381-1
SUSE-SU-2020:0093-1
SUSE-SU-2020:0599-1
SUSE-SU-2020:0613-1
SUSE-SU-2020:1255-1
SUSE-SU-2020:14354-1
USN-4526-1
USN-4527-1

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu