PT-2019-4413 · Linux+3 · Linux Kernel+3

Will Dormann

Published

2019-09-23

Updated

2023-01-17

CVE-2019-19078

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.3.11

Description The issue is related to a memory leak in the ath10k usb hif tx sg() function, which can be triggered by usb submit urb() failures, leading to a denial of service due to memory consumption. This can be exploited by a remote attacker to cause a service disruption.

Recommendations For Linux kernel versions through 5.3.11, update to a version that includes a fix for the memory leak in the ath10k usb hif tx sg() function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Memory Leak

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-400

Related Identifiers

ALT-PU-2020-1046

ALT-PU-2020-1047

ALT-PU-2020-1048

ALT-PU-2020-1067

ALT-PU-2020-1078

ALT-PU-2020-1189

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

BDU:2020-00156

CVE-2019-19078

OPENSUSE-SU-2019:2675-1

OPENSUSE-SU-2019_2675-1

SUSE-SU-2019:3200-1

SUSE-SU-2019:3317-1

SUSE-SU-2019:3372-1

SUSE-SU-2020:0093-1

SUSE-SU-2020:0613-1

USN-4258-1

USN-4284-1

USN-4287-1

USN-4287-2

Affected Products

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2019-4413 · Linux+3 · Linux Kernel+3

CVE-2019-19078

Weakness Enumeration

Related Identifiers

Affected Products

References · 638