PT-2019-4091 · Linux+2 · Linux Kernel+2

Published

2019-10-23

·

Updated

2023-01-20

·

CVE-2019-19044

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.11
Description The issue is related to two memory leaks in the v3d submit cl ioctl() function, located in drivers/gpu/drm/v3d/v3d gem.c. This can lead to a denial of service due to memory consumption when kcalloc() or v3d job init() failures are triggered. The vulnerability can be exploited by remote attackers to cause a denial of service.
Recommendations For Linux kernel versions prior to 5.3.11, update to version 5.3.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the v3d submit cl ioctl() function to minimize the risk of exploitation.

Fix

DoS

Memory Leak

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-400

Related Identifiers

ALT-PU-2019-3131
ALT-PU-2019-3155
ALT-PU-2019-3184
ALT-PU-2020-1421
ALT-PU-2020-1450
BDU:2019-04659
CVE-2019-19044
USN-4225-1

Affected Products

Alt Linux
Linux Kernel
Ubuntu