PT-2019-4396 · Linux+3 · Linux Kernel+3

Publicado

2019-10-02

·

Atualizado

2023-01-26

·

CVE-2019-19083

CVSS v3.1

4.7

Média

VetorAV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.8
Description The issue is related to a memory leak in the clock source create() function under /gpu/drm/amd/display/dc in the Linux kernel. This leak can be exploited by a remote attacker to cause a denial of service due to memory consumption. The affected functions include dce112 clock source create(), dce100 clock source create(), dcn10 clock source create(), dcn20 clock source create(), dce120 clock source create(), dce110 clock source create(), and dce80 clock source create().
Recommendations For Linux kernel versions prior to 5.3.8, update to version 5.3.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected functions until a patch is applied.

Correção

DoS

Memory Leak

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401CWE-400

Identificadores relacionados

ALT-PU-2019-3059
ALT-PU-2019-3061
ALT-PU-2019-3066
ALT-PU-2020-1198
ALT-PU-2020-1421
ALT-PU-2020-1450
ALT-PU-2020-1501
ALT-PU-2020-1714
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2020-00118
CVE-2019-19083
OPENSUSE-SU-2019:2675-1
OPENSUSE-SU-2019_2675-1
OPENSUSE-SU-2023_0152-1
SUSE-SU-2019:3200-1
SUSE-SU-2019:3317-1
SUSE-SU-2019:3372-1
SUSE-SU-2020:0093-1
SUSE-SU-2020:0613-1
SUSE-SU-2023:0134-1
SUSE-SU-2023:0152-1
SUSE-SU-2023_0134-1
SUSE-SU-2023_0152-1
USN-4208-1
USN-4226-1
USN-4227-1
USN-4227-2

Produtos afetados

Alt Linux
Linux Kernel
Suse
Ubuntu