PT-2019-6292 · Linux+7 · Linux Kernel+7

Published

2019-09-10

·

Updated

2026-03-13

·

CVE-2019-16231

CVSS v2.0

4.7

Medium

VectorAV:L/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel version 5.2.14
Description The issue is related to a NULL pointer dereference in the Linux kernel. Specifically, the drivers/net/fjes/fjes main.c file does not check the return value of alloc workqueue, leading to this problem. The vulnerability can be exploited to cause a denial of service.
Recommendations For Linux kernel version 5.2.14, consider applying a patch that checks the return value of alloc workqueue to prevent the NULL pointer dereference. As a temporary workaround, restrict access to the vulnerable driver to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2020:4431
ALT-PU-2019-2700
BDU:2022-07033
CESA-2020_4060
CESA-2020_4431
CESA-2020_4609
CVE-2019-16231
ECHO-30B8-1960-3011
OPENSUSE-SU-2019:2503-1
OPENSUSE-SU-2019:2507-1
OPENSUSE-SU-2019_2503-1
OPENSUSE-SU-2019_2507-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2020:4060
RHSA-2020:4062
RHSA-2020:4431
RHSA-2020:4609
RHSA-2020_4060
RHSA-2020_4062
RHSA-2020_4431
RHSA-2020_4609
SUSE-SU-2019:2984-1
SUSE-SU-2019:3200-1
SUSE-SU-2019:3289-1
SUSE-SU-2019:3294-1
SUSE-SU-2019:3295-1
SUSE-SU-2019:3316-1
SUSE-SU-2019:3317-1
SUSE-SU-2019:3371-1
SUSE-SU-2019:3372-1
SUSE-SU-2019:3379-1
SUSE-SU-2019:3381-1
SUSE-SU-2020:0093-1
USN-4225-1
USN-4225-2
USN-4226-1
USN-4227-1
USN-4227-2
USN-4904-1

Affected Products

Alt Linux
Almalinux
Centos
Debian
Linux Kernel
Red Hat
Suse
Ubuntu