PT-2019-4397 · Linux+3 · Linux Kernel+3

Publicado

2019-09-25

·

Atualizado

2021-05-28

·

CVE-2019-19082

CVSS v3.1

4.7

Média

VetorAV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.11
Description The issue is related to memory leaks in the create resource pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel. This affects several functions, including dce120 create resource pool(), dce110 create resource pool(), dce100 create resource pool(), dcn10 create resource pool(), and dce112 create resource pool(). The memory leaks can be exploited by attackers to cause a denial of service due to memory consumption.
Recommendations For Linux kernel versions prior to 5.3.11, update to a version 5.3.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected create resource pool() functions to minimize the risk of exploitation.

Correção

DoS

Memory Leak

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401CWE-400

Identificadores relacionados

ALT-PU-2019-3180
ALT-PU-2019-3184
ALT-PU-2019-3268
ALT-PU-2020-1198
ALT-PU-2020-1421
ALT-PU-2020-1450
ALT-PU-2020-1501
ALT-PU-2020-1714
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2020-00119
CVE-2019-19082
OPENSUSE-SU-2019:2675-1
OPENSUSE-SU-2019_2675-1
SUSE-SU-2019:3200-1
SUSE-SU-2019:3317-1
SUSE-SU-2019:3372-1
SUSE-SU-2020:0093-1
SUSE-SU-2020:0613-1
USN-4258-1
USN-4284-1
USN-4287-1
USN-4287-2

Produtos afetados

Alt Linux
Linux Kernel
Suse
Ubuntu