PT-2019-4480 · Linux+2 · Linux Kernel+2

Publicado

2019-08-02

Atualizado

2022-03-31

CVE-2019-19536

CVSS v2.0

4.9

Média

Vetor

AV:L/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.2.9

Description The issue is related to an info-leak bug in the Linux kernel, specifically in the drivers/net/can/usb/peak usb/pcan usb pro.c driver. This bug can be triggered by a malicious USB device, potentially allowing an attacker to disclose protected information. The vulnerability is associated with a lack of protection for service data.

Recommendations For Linux kernel versions prior to 5.2.9, update to version 5.2.9 or later to resolve the issue. As a temporary workaround, consider restricting access to USB devices to minimize the risk of exploitation.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-909CWE-200

Identificadores relacionados

ALT-PU-2019-2487

ALT-PU-2019-2488

ALT-PU-2019-2655

ALT-PU-2019-2746

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-00298

CVE-2019-19536

DLA-2068-1

DLA-2114-1

OPENSUSE-SU-2019:2675-1

OPENSUSE-SU-2019_2675-1

SUSE-SU-2019:3289-1

SUSE-SU-2019:3316-1

SUSE-SU-2019:3317-1

SUSE-SU-2019:3372-1

SUSE-SU-2019:3379-1

SUSE-SU-2019:3381-1

SUSE-SU-2019:3389-1

SUSE-SU-2020:0093-1

SUSE-SU-2020:0584-1

SUSE-SU-2020:0599-1

SUSE-SU-2020:0613-1

SUSE-SU-2020:1255-1

Produtos afetados

Alt Linux

Linux Kernel

Suse

PT-2019-4480 · Linux+2 · Linux Kernel+2

CVE-2019-19536

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 741