PT-2019-3229 · Linux+5 · Linux Kernel+5

Published

2019-08-14

Updated

2024-06-15

CVE-2019-15099

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.2.8

Description The issue is related to a driver error in the Linux kernel, specifically in the drivers/net/wireless/ath/ath10k/usb.c file, which is associated with null pointer dereference errors. An attacker, acting remotely, can exploit this issue to cause a denial of service by utilizing an incomplete address in an endpoint descriptor.

Recommendations For Linux kernel versions prior to 5.2.8, update to version 5.2.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable ath10k driver until a patch is available.

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2019-3207

ALT-PU-2019-3236

ALT-PU-2019-3268

ALT-PU-2019-3272

ALT-PU-2019-3293

ALT-PU-2019-3295

ALT-PU-2020-1024

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

BDU:2019-03219

CESA-2020_1567

CESA-2020_1769

CVE-2019-15099

OPENSUSE-SU-2019:2181-1

OPENSUSE-SU-2019_2181-1

OPENSUSE-SU-2024:10728-1

OPENSUSE-SU-2024:13704-1

RHSA-2020:1493

RHSA-2020:1567

RHSA-2020:1769

RHSA-2020_1567

RHSA-2020_1769

SUSE-SU-2019:2412-1

SUSE-SU-2019:2424-1

SUSE-SU-2019:2658-1

SUSE-SU-2019:2738-1

USN-4258-1

USN-4284-1

USN-4287-1

USN-4287-2

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2019-3229 · Linux+5 · Linux Kernel+5

CVE-2019-15099

Weakness Enumeration

Related Identifiers

Affected Products

References · 630