PT-2019-5425 · Linux+4 · Linux Kernel+4

Chuhong Yuan

·

Publicado

2019-12-13

·

Atualizado

2022-04-28

·

CVE-2019-20810

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.6
Description The issue is related to the go7007 snd init function in the Linux kernel, which does not properly free resources in case of failure, leading to a memory leak. This can potentially allow an attacker to cause a denial of service.
Recommendations For Linux kernel versions prior to 5.6, update to version 5.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected function to minimize the risk of exploitation.

Correção

Memory Leak

Missing Release of Resource after Effective Lifetime

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401CWE-772

Identificadores relacionados

ALT-PU-2020-1638
ALT-PU-2020-1646
ALT-PU-2020-1761
ALT-PU-2020-1917
ALT-PU-2020-2153
ALT-PU-2020-2164
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
BDU:2020-03027
CVE-2019-20810
DLA-2323-1
OPENSUSE-SU-2020:0935-1
OPENSUSE-SU-2020:1153-1
OPENSUSE-SU-2020_0935-1
OPENSUSE-SU-2020_1153-1
OPENSUSE-SU-2021:0242-1
OPENSUSE-SU-2021_0242-1
SUSE-SU-2020:1663-1
SUSE-SU-2020:1693-1
SUSE-SU-2020:1699-1
SUSE-SU-2020:2027-1
SUSE-SU-2020:2103-1
SUSE-SU-2020:2105-1
SUSE-SU-2020:2107-1
SUSE-SU-2020:2121-1
SUSE-SU-2020:2134-1
SUSE-SU-2020:2152-1
SUSE-SU-2020:2156-1
SUSE-SU-2020:2478-1
SUSE-SU-2020:2487-1
SUSE-SU-2020_1663-1
SUSE-SU-2020_1693-1
SUSE-SU-2020_1699-1
SUSE-SU-2020_2103-1
USN-4427-1
USN-4439-1
USN-4440-1
USN-4483-1
USN-4485-1

Produtos afetados

Alt Linux
Linuxmint
Linux Kernel
Suse
Ubuntu