PT-2019-4471 · Linux+5 · Linux Kernel+5

Syzbot

Published

2019-08-12

Updated

2021-05-28

CVE-2019-19537

CVSS v2.0

4.7

Medium

Vector

AV:L/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.2.10

Description The issue is caused by synchronization errors when accessing a shared resource in the Linux kernel's USB character device driver layer. This can be exploited by a malicious USB device, potentially allowing an attacker to cause a denial of service.

Recommendations For Linux kernel versions prior to 5.2.10, update to version 5.2.10 or later to resolve the issue.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALSA-2020:4431

ALT-PU-2019-2537

ALT-PU-2019-2545

ALT-PU-2019-2655

ALT-PU-2019-2746

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-00289

CESA-2020_4060

CESA-2020_4431

CESA-2020_4609

CVE-2019-19537

DLA-2068-1

DLA-2114-1

OPENSUSE-SU-2020:0336-1

OPENSUSE-SU-2020_0336-1

RHSA-2020:4060

RHSA-2020:4062

RHSA-2020:4431

RHSA-2020:4609

RHSA-2020_4060

RHSA-2020_4062

RHSA-2020_4431

RHSA-2020_4609

SUSE-SU-2019:3316-1

SUSE-SU-2019:3379-1

SUSE-SU-2019:3381-1

SUSE-SU-2019:3389-1

SUSE-SU-2020:0093-1

SUSE-SU-2020:0511-1

SUSE-SU-2020:0560-1

SUSE-SU-2020:0584-1

SUSE-SU-2020:0599-1

SUSE-SU-2020:0613-1

SUSE-SU-2020:1255-1

SUSE-SU-2020:14354-1

Affected Products

Alt Linux

Almalinux

Centos

Linux Kernel

Red Hat

Suse

PT-2019-4471 · Linux+5 · Linux Kernel+5

CVE-2019-19537

Weakness Enumeration

Related Identifiers

Affected Products

References · 821