PT-2019-4501 · Linux+4 · Linux Kernel+4

Yuehaibing

Published

2019-04-04

Updated

2022-04-18

CVE-2019-20095

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.1.6

Description The issue is related to the mwifiex tm cmd in the Linux kernel, which has some error-handling cases that did not free allocated hostcmd memory. This will cause a memory leak and denial of service. An attacker can exploit this to cause a denial of service.

Recommendations For Linux kernel versions prior to 5.1.6, update to version 5.1.6 or later to resolve the issue. As a temporary workaround, consider disabling the mwifiex tm cmd function until a patch is available. Restrict access to the vulnerable cfg80211.c module to minimize the risk of exploitation.

Fix

DoS

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-722

Related Identifiers

ALT-PU-2019-2024

ALT-PU-2019-2036

ALT-PU-2019-2120

ALT-PU-2019-2311

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-00360

CESA-2020_4060

CVE-2019-20095

OPENSUSE-SU-2020:0336-1

OPENSUSE-SU-2020_0336-1

RHSA-2020:1493

RHSA-2020:4060

RHSA-2020:4062

RHSA-2020_4060

RHSA-2020_4062

SUSE-SU-2020:0093-1

SUSE-SU-2020:0511-1

SUSE-SU-2020:0559-1

SUSE-SU-2020:0560-1

SUSE-SU-2020:0580-1

SUSE-SU-2020:0584-1

SUSE-SU-2020:0599-1

SUSE-SU-2020:0613-1

SUSE-SU-2020:1663-1

SUSE-SU-2020_1663-1

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2019-4501 · Linux+4 · Linux Kernel+4

CVE-2019-20095

Weakness Enumeration

Related Identifiers

Affected Products

References · 776