PT-2019-4415 · Linux+2 · Linux Kernel+2

Published

2019-09-27

Updated

2024-08-05

CVE-2019-19076

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.6

Description A memory leak in the nfp abm u32 knode replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c allows attackers to cause a denial of service (memory consumption). The issue has been argued as not a valid vulnerability, and the upstream commit was reverted.

Recommendations For Linux kernel versions prior to 5.3.6, update to version 5.3.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the nfp abm u32 knode replace() function until a patch is available.

Fix

DoS

Resource Exhaustion

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-401

Related Identifiers

ALT-PU-2019-2900

ALT-PU-2019-2930

ALT-PU-2019-3061

ALT-PU-2020-1198

ALT-PU-2020-1329

ALT-PU-2020-1330

ALT-PU-2020-1398

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1524

ALT-PU-2020-1714

ALT-PU-2020-1945

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2020-3057

ALT-PU-2021-1745

ALT-PU-2021-1870

AZL-41940

BDU:2020-00158

CVE-2019-19076

USN-4209-1

Affected Products

Alt Linux

Linux Kernel

Ubuntu

PT-2019-4415 · Linux+2 · Linux Kernel+2

CVE-2019-19076

Weakness Enumeration

Related Identifiers

Affected Products

References · 26