PT-2019-4501 · Linux+4 · Linux Kernel+4

Yuehaibing

Publicado

2019-04-04

Atualizado

2022-04-18

CVE-2019-20095

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.1.6

Description The issue is related to the mwifiex tm cmd in the Linux kernel, which has some error-handling cases that did not free allocated hostcmd memory. This will cause a memory leak and denial of service. An attacker can exploit this to cause a denial of service.

Recommendations For Linux kernel versions prior to 5.1.6, update to version 5.1.6 or later to resolve the issue. As a temporary workaround, consider disabling the mwifiex tm cmd function until a patch is available. Restrict access to the vulnerable cfg80211.c module to minimize the risk of exploitation.

Correção

DoS

Memory Leak

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401CWE-722

Identificadores relacionados

ALT-PU-2019-2024

ALT-PU-2019-2036

ALT-PU-2019-2120

ALT-PU-2019-2311

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-00360

CESA-2020_4060

CVE-2019-20095

OPENSUSE-SU-2020:0336-1

OPENSUSE-SU-2020_0336-1

RHSA-2020:1493

RHSA-2020:4060

RHSA-2020:4062

RHSA-2020_4060

RHSA-2020_4062

SUSE-SU-2020:0093-1

SUSE-SU-2020:0511-1

SUSE-SU-2020:0559-1

SUSE-SU-2020:0560-1

SUSE-SU-2020:0580-1

SUSE-SU-2020:0584-1

SUSE-SU-2020:0599-1

SUSE-SU-2020:0613-1

SUSE-SU-2020:1663-1

SUSE-SU-2020_1663-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2019-4501 · Linux+4 · Linux Kernel+4

CVE-2019-20095

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 776