CVE-2019-16230

Name of the Vulnerable Software and Affected Versions Linux kernel version 5.2.14

Description The issue is related to a NULL pointer dereference in the Linux kernel, specifically in the radeon display driver. This occurs because the alloc workqueue return value is not checked, potentially leading to a crash. It is noted that the work queue allocation happens during device initialization, which for a graphics card, occurs during boot, and is not attacker controllable. Additionally, it is mentioned that exploitation of this issue could allow a local attacker to cause a denial of service.

Recommendations For Linux kernel version 5.2.14, consider applying a patch that checks the return value of alloc workqueue to prevent NULL pointer dereferences. As a temporary workaround, ensure that the system has sufficient resources during boot to minimize the likelihood of out-of-memory conditions.