PT-2019-4207 · Linux+2 · Linux Kernel+2

Robert Frohl

Published

2019-10-01

Updated

2026-03-13

CVE-2019-19070

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.3.11

Description A memory leak in the spi gpio probe() function in drivers/spi/spi-gpio.c allows attackers to cause a denial of service by triggering devm add action or reset() failures. This issue is disputed by third parties because the system must have already been out of memory before the probe began.

Recommendations For Linux kernel versions through 5.3.11, update to a version later than 5.3.11 to resolve the issue. As a temporary workaround, consider restricting system resources to prevent memory exhaustion.

Fix

DoS

Resource Exhaustion

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-401

Related Identifiers

ALT-PU-2020-1003

ALT-PU-2020-1010

ALT-PU-2020-1043

ALT-PU-2020-1198

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2019-04804

CVE-2019-19070

ECHO-E5D0-971C-CE39

Affected Products

Alt Linux

Debian

Linux Kernel

PT-2019-4207 · Linux+2 · Linux Kernel+2

CVE-2019-19070

Weakness Enumeration

Related Identifiers

Affected Products

References · 19