PT-2019-4397 · Linux+3 · Linux Kernel+3

Published

2019-09-25

Updated

2021-05-28

CVE-2019-19082

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.11

Description The issue is related to memory leaks in the create resource pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel. This affects several functions, including dce120 create resource pool(), dce110 create resource pool(), dce100 create resource pool(), dcn10 create resource pool(), and dce112 create resource pool(). The memory leaks can be exploited by attackers to cause a denial of service due to memory consumption.

Recommendations For Linux kernel versions prior to 5.3.11, update to a version 5.3.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected create resource pool() functions to minimize the risk of exploitation.

Fix

DoS

Memory Leak

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-400

Related Identifiers

ALT-PU-2019-3180

ALT-PU-2019-3184

ALT-PU-2019-3268

ALT-PU-2020-1198

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-00119

CVE-2019-19082

OPENSUSE-SU-2019:2675-1

OPENSUSE-SU-2019_2675-1

SUSE-SU-2019:3200-1

SUSE-SU-2019:3317-1

SUSE-SU-2019:3372-1

SUSE-SU-2020:0093-1

SUSE-SU-2020:0613-1

USN-4258-1

USN-4284-1

USN-4287-1

USN-4287-2

Affected Products

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2019-4397 · Linux+3 · Linux Kernel+3

CVE-2019-19082

Weakness Enumeration

Related Identifiers

Affected Products

References · 623