PT-2019-4475 · Linux+3 · Linux Kernel+3

Publicado

2019-11-04

Atualizado

2021-05-28

CVE-2019-19529

CVSS v2.0

6.9

Média

Vetor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.11

Description The issue is related to a use-after-free bug in the Linux kernel, which can be triggered by a malicious USB device. This bug is associated with the drivers/net/can/usb/mcba usb.c driver. Exploitation of this bug can lead to a denial of service.

Recommendations For Linux kernel versions prior to 5.3.11, update to version 5.3.11 or later to resolve the issue. As a temporary workaround, consider restricting access to USB devices to minimize the risk of exploitation.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2019-3131

ALT-PU-2019-3155

ALT-PU-2019-3184

ALT-PU-2020-1198

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-00293

CVE-2019-19529

OPENSUSE-SU-2019:2675-1

OPENSUSE-SU-2019_2675-1

SUSE-SU-2019:3289-1

SUSE-SU-2019:3316-1

SUSE-SU-2019:3317-1

SUSE-SU-2019:3372-1

SUSE-SU-2019:3381-1

SUSE-SU-2019:3389-1

SUSE-SU-2020:0093-1

SUSE-SU-2020:0584-1

SUSE-SU-2020:0599-1

SUSE-SU-2020:0613-1

USN-4225-1

USN-4225-2

USN-4226-1

USN-4227-1

USN-4227-2

Produtos afetados

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2019-4475 · Linux+3 · Linux Kernel+3

CVE-2019-19529

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 719