PT-2019-5416 · Linux+6 · Linux Kernel+6

Publicado

2019-06-02

·

Atualizado

2021-05-28

·

CVE-2019-12614

CVSS v2.0

4.7

Média

VetorAV:L/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.1.6
Description An issue in the Linux kernel allows an attacker to cause a denial of service, potentially leading to a system crash due to a NULL pointer dereference. The issue is related to an unchecked kstrdup of prop->name in the dlpar parse cc property function. This might enable an attacker to exploit the vulnerability, resulting in a denial of service.
Recommendations For Linux kernel versions through 5.1.6, update to a version that contains a fix for this issue to prevent potential denial of service attacks.

Correção

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALSA-2020:4431
ALT-PU-2019-2024
ALT-PU-2019-2036
ALT-PU-2019-2120
ALT-PU-2019-2311
ALT-PU-2020-1198
ALT-PU-2020-1501
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2020-02919
CESA-2020_4060
CESA-2020_4431
CVE-2019-12614
OPENSUSE-SU-2019:1716-1
OPENSUSE-SU-2019:1757-1
OPENSUSE-SU-2019_1716-1
OPENSUSE-SU-2019_1757-1
RHSA-2020:2104
RHSA-2020:4060
RHSA-2020:4431
RHSA-2020_4060
RHSA-2020_4431
SUSE-SU-2019:14127-1
SUSE-SU-2019:1744-1
SUSE-SU-2019:1823-1
SUSE-SU-2019:1823-2
SUSE-SU-2019:1829-1
SUSE-SU-2019:1851-1
SUSE-SU-2019:1852-1
SUSE-SU-2019:1855-1
SUSE-SU-2019:1870-1
SUSE-SU-2019:2069-1
SUSE-SU-2019:2430-1
SUSE-SU-2019:2450-1
SUSE-SU-2019_14127-1
USN-4093-1
USN-4094-1
USN-4095-1
USN-4095-2

Produtos afetados

Alt Linux
Almalinux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu