PT-2019-5416 · Linux+6 · Linux Kernel+6

Published

2019-06-02

·

Updated

2021-05-28

·

CVE-2019-12614

CVSS v2.0

4.7

Medium

VectorAV:L/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.1.6
Description An issue in the Linux kernel allows an attacker to cause a denial of service, potentially leading to a system crash due to a NULL pointer dereference. The issue is related to an unchecked kstrdup of prop->name in the dlpar parse cc property function. This might enable an attacker to exploit the vulnerability, resulting in a denial of service.
Recommendations For Linux kernel versions through 5.1.6, update to a version that contains a fix for this issue to prevent potential denial of service attacks.

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2020:4431
ALT-PU-2019-2024
ALT-PU-2019-2036
ALT-PU-2019-2120
ALT-PU-2019-2311
ALT-PU-2020-1198
ALT-PU-2020-1501
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2020-02919
CESA-2020_4060
CESA-2020_4431
CVE-2019-12614
OPENSUSE-SU-2019:1716-1
OPENSUSE-SU-2019:1757-1
OPENSUSE-SU-2019_1716-1
OPENSUSE-SU-2019_1757-1
RHSA-2020:2104
RHSA-2020:4060
RHSA-2020:4431
RHSA-2020_4060
RHSA-2020_4431
SUSE-SU-2019:14127-1
SUSE-SU-2019:1744-1
SUSE-SU-2019:1823-1
SUSE-SU-2019:1823-2
SUSE-SU-2019:1829-1
SUSE-SU-2019:1851-1
SUSE-SU-2019:1852-1
SUSE-SU-2019:1855-1
SUSE-SU-2019:1870-1
SUSE-SU-2019:2069-1
SUSE-SU-2019:2430-1
SUSE-SU-2019:2450-1
SUSE-SU-2019_14127-1
USN-4093-1
USN-4094-1
USN-4095-1
USN-4095-2

Affected Products

Alt Linux
Almalinux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu