PT-2019-4477 · Linux+4 · Linux Kernel+4

Syzbot

Publicado

2019-08-06

Atualizado

2023-08-04

CVE-2019-19527

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.2.10

Description The issue is related to a use-after-free bug in the Linux kernel, specifically in the drivers/hid/usbhid/hiddev.c driver. This bug can be triggered by a malicious USB device, potentially allowing an attacker to cause a denial of service.

Recommendations For Linux kernel versions prior to 5.2.10, update to version 5.2.10 or later to resolve the issue. As a temporary workaround, consider restricting the use of USB devices to minimize the risk of exploitation.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2019-2537

ALT-PU-2019-2545

ALT-PU-2019-2655

ALT-PU-2019-2746

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-00295

CESA-2020_1372

CESA-2020_1378

CESA-2020_3220

CVE-2019-19527

DLA-2068-1

DLA-2114-1

OPENSUSE-SU-2020:0336-1

OPENSUSE-SU-2020_0336-1

RHSA-2020:1372

RHSA-2020:1378

RHSA-2020:3220

RHSA-2020:3221

RHSA-2020:4236

RHSA-2020_1372

RHSA-2020_1378

RHSA-2020_3220

RHSA-2020_3221

SUSE-SU-2019:3316-1

SUSE-SU-2019:3379-1

SUSE-SU-2019:3381-1

SUSE-SU-2019:3389-1

SUSE-SU-2020:0093-1

SUSE-SU-2020:0511-1

SUSE-SU-2020:0560-1

SUSE-SU-2020:0584-1

SUSE-SU-2020:0599-1

SUSE-SU-2020:0613-1

SUSE-SU-2020:1255-1

SUSE-SU-2020:14354-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2019-4477 · Linux+4 · Linux Kernel+4

CVE-2019-19527

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 768