PT-2019-4415 · Linux+2 · Linux Kernel+2

Publicado

2019-09-27

Atualizado

2024-08-05

CVE-2019-19076

CVSS v2.0

7.1

Alta

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.6

Description A memory leak in the nfp abm u32 knode replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c allows attackers to cause a denial of service (memory consumption). The issue has been argued as not a valid vulnerability, and the upstream commit was reverted.

Recommendations For Linux kernel versions prior to 5.3.6, update to version 5.3.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the nfp abm u32 knode replace() function until a patch is available.

Correção

DoS

Resource Exhaustion

Memory Leak

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400CWE-401

Identificadores relacionados

ALT-PU-2019-2900

ALT-PU-2019-2930

ALT-PU-2019-3061

ALT-PU-2020-1198

ALT-PU-2020-1329

ALT-PU-2020-1330

ALT-PU-2020-1398

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1524

ALT-PU-2020-1714

ALT-PU-2020-1945

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2020-3057

ALT-PU-2021-1745

ALT-PU-2021-1870

AZL-41940

BDU:2020-00158

CVE-2019-19076

USN-4209-1

Produtos afetados

Alt Linux

Linux Kernel

Ubuntu

PT-2019-4415 · Linux+2 · Linux Kernel+2

CVE-2019-19076

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 26