PT-2019-4772 · Linux+7 · Linux Kernel+7

Published

2019-07-22

Updated

2024-08-20

CVE-2019-15505

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.2.9

Description The issue is related to an out-of-bounds read in the Linux kernel, specifically in the drivers/media/usb/dvb-usb/technisat-usb2.c component. This can be triggered by crafted USB device traffic, which may be remote via usbip or usbredir. The exploitation of this issue may allow an attacker to disclose protected information or cause a denial of service.

Recommendations For Linux kernel versions through 5.2.9, update to a version newer than 5.2.9 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific issue.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2024:2950

ALSA-2024:3138

ALT-PU-2019-2763

ALT-PU-2019-2764

ALT-PU-2019-2768

ALT-PU-2019-2838

ALT-PU-2019-2845

ALT-PU-2019-2890

ALT-PU-2020-1024

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

BDU:2020-01344

CESA-2024_2950

CESA-2024_3138

CVE-2019-15505

DLA-2068-1

DLA-2114-1

INFSA-2024_2950

INFSA-2024_3138

RHSA-2024:2950

RHSA-2024:3138

RHSA-2024_2950

RHSA-2024_3138

RLSA-2024:2950

RLSA-2024:3138

SUSE-SU-2019:14218-1

SUSE-SU-2019:2949-1

SUSE-SU-2019:2950-1

SUSE-SU-2019:2984-1

SUSE-SU-2019_14218-1

USN-4157-1

USN-4157-2

USN-4162-1

USN-4162-2

USN-4163-1

USN-4163-2

Affected Products

Alt Linux

Almalinux

Centos

Linux Kernel

Red Hat

Rocky Linux

Suse

Ubuntu

PT-2019-4772 · Linux+7 · Linux Kernel+7

CVE-2019-15505

Weakness Enumeration

Related Identifiers

Affected Products

References · 395