PT-2019-4772 · Linux+7 · Linux Kernel+7

Publicado

2019-07-22

·

Atualizado

2024-08-20

·

CVE-2019-15505

CVSS v3.1

10

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.2.9
Description The issue is related to an out-of-bounds read in the Linux kernel, specifically in the drivers/media/usb/dvb-usb/technisat-usb2.c component. This can be triggered by crafted USB device traffic, which may be remote via usbip or usbredir. The exploitation of this issue may allow an attacker to disclose protected information or cause a denial of service.
Recommendations For Linux kernel versions through 5.2.9, update to a version newer than 5.2.9 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific issue.

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALSA-2024:2950
ALSA-2024:3138
ALT-PU-2019-2763
ALT-PU-2019-2764
ALT-PU-2019-2768
ALT-PU-2019-2838
ALT-PU-2019-2845
ALT-PU-2019-2890
ALT-PU-2020-1024
ALT-PU-2020-1714
ALT-PU-2020-2410
ALT-PU-2020-2433
BDU:2020-01344
CESA-2024_2950
CESA-2024_3138
CVE-2019-15505
DLA-2068-1
DLA-2114-1
INFSA-2024_2950
INFSA-2024_3138
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2019:14218-1
SUSE-SU-2019:2949-1
SUSE-SU-2019:2950-1
SUSE-SU-2019:2984-1
SUSE-SU-2019_14218-1
USN-4157-1
USN-4157-2
USN-4162-1
USN-4162-2
USN-4163-1
USN-4163-2

Produtos afetados

Alt Linux
Almalinux
Centos
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu