PT-2019-12892 · Linux+1 · Linux Kernel+1

Gen Zhang

Published

2018-04-06

Updated

2021-06-02

CVE-2019-12615

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.1.6

Description An issue was discovered in the get vdev port node info function in arch/sparc/kernel/mdesc.c. There is an unchecked kstrdup const of node info->vdev port.name, which might allow an attacker to cause a denial of service, resulting in a NULL pointer dereference and system crash.

Recommendations For Linux kernel versions through 5.1.6, update to a version later than 5.1.6 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific issue.

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2018-1557

ALT-PU-2019-1139

ALT-PU-2019-1363

ALT-PU-2019-2141

ALT-PU-2019-2143

ALT-PU-2019-2157

ALT-PU-2019-2200

ALT-PU-2019-2201

ALT-PU-2019-2314

CVE-2019-12615

Affected Products

Alt Linux

Linux Kernel

PT-2019-12892 · Linux+1 · Linux Kernel+1

CVE-2019-12615

Weakness Enumeration

Related Identifiers

Affected Products

References · 15