PT-2019-12500 · Linux+5 · Linux Kernel+5

Published

2019-04-16

·

Updated

2022-12-02

·

CVE-2019-11810

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.0.7
Description A NULL pointer dereference can occur when megasas create frame pool() fails in megasas alloc cmds() in drivers/scsi/megaraid/megaraid sas base.c. This causes a Denial of Service, related to a use-after-free.
Recommendations For Linux kernel versions prior to 5.0.7, update to version 5.0.7 or later to resolve the issue.

Fix

DoS

Use After Free

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-476

Related Identifiers

ALT-PU-2019-1657
ALT-PU-2019-1665
ALT-PU-2019-1710
CESA-2019_1959
CESA-2019_1971
CESA-2019_2029
CESA-2019_2736
CVE-2019-11810
DLA-1823-1
OPENSUSE-SU-2019:1923-1
OPENSUSE-SU-2019:1924-1
OPENSUSE-SU-2019_1923-1
OPENSUSE-SU-2019_1924-1
RHSA-2019:1959
RHSA-2019:1971
RHSA-2019:2029
RHSA-2019:2043
RHSA-2019:2736
RHSA-2019:2837
RHSA-2019:3217
RHSA-2019_1959
RHSA-2019_1971
RHSA-2019_2029
RHSA-2019_2043
RHSA-2019_2736
RHSA-2020:0036
SUSE-SU-2019:14157-1
SUSE-SU-2019:2068-1
SUSE-SU-2019:2069-1
SUSE-SU-2019:2070-1
SUSE-SU-2019:2071-1
SUSE-SU-2019:2072-1
SUSE-SU-2019:2073-1
SUSE-SU-2019:2262-1
SUSE-SU-2019:2263-1
SUSE-SU-2019:2299-1
SUSE-SU-2019:2430-1
SUSE-SU-2019:2450-1
SUSE-SU-2019_14157-1
USN-4005-1
USN-4008-1
USN-4008-3
USN-4115-1
USN-4115-2
USN-4118-1

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu