PT-2019-4469 · Linux+5 · Linux Kernel+5

Publicado

2019-10-09

Atualizado

2021-05-28

CVE-2019-19528

CVSS v3.1

6.1

Média

Vetor

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.7

Description The issue is related to a use-after-free bug in the Linux kernel, specifically in the drivers/usb/misc/iowarrior.c driver. This bug can be triggered by a malicious USB device, potentially leading to a denial of service.

Recommendations For Linux kernel versions prior to 5.3.7, update to version 5.3.7 or later to resolve the issue. As a temporary workaround, consider disabling the use of USB devices that may exploit this vulnerability until a patch is applied. Restrict access to the vulnerable driver to minimize the risk of exploitation.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALSA-2021:1578

ALT-PU-2019-2996

ALT-PU-2019-3061

ALT-PU-2019-3066

ALT-PU-2020-1198

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-00287

CESA-2021_1578

CESA-2021_1739

CVE-2019-19528

OPENSUSE-SU-2019:2675-1

OPENSUSE-SU-2019_2675-1

RHSA-2021:1578

RHSA-2021:1739

RHSA-2021_1578

RHSA-2021_1739

SUSE-SU-2019:3289-1

SUSE-SU-2019:3316-1

SUSE-SU-2019:3317-1

SUSE-SU-2019:3372-1

SUSE-SU-2019:3381-1

SUSE-SU-2019:3389-1

SUSE-SU-2020:0093-1

SUSE-SU-2020:0584-1

SUSE-SU-2020:0599-1

SUSE-SU-2020:0613-1

Produtos afetados

Alt Linux

Almalinux

Centos

Linux Kernel

Red Hat

Suse

PT-2019-4469 · Linux+5 · Linux Kernel+5

CVE-2019-19528

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 697