Lucene search

K
cveMitreCVE-2019-19053
HistoryNov 18, 2019 - 6:15 a.m.

CVE-2019-19053

2019-11-1806:15:11
CWE-401
mitre
web.nvd.nist.gov
106
cve-2019-19053
rpmsg_char.c
denial of service
memory leak
linux kernel
nvd
cid-bbe692e349e2

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.003

Percentile

65.6%

A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.

Affected configurations

Nvd
Node
linuxlinux_kernelRange4.205.4.12
Node
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch19.10
Node
netappactive_iq_unified_managerMatch-vmware_vsphere
OR
netappaff_baseboard_management_controllerMatch-
OR
netappcloud_backupMatch-
OR
netappdata_availability_servicesMatch-
OR
netappe-series_santricity_os_controllerMatch11.0
OR
netappe-series_santricity_os_controllerMatch11.0.0
OR
netappe-series_santricity_os_controllerMatch11.20
OR
netappe-series_santricity_os_controllerMatch11.25
OR
netappe-series_santricity_os_controllerMatch11.30
OR
netappe-series_santricity_os_controllerMatch11.30.5r3
OR
netappe-series_santricity_os_controllerMatch11.40
OR
netappe-series_santricity_os_controllerMatch11.40.3r2
OR
netappe-series_santricity_os_controllerMatch11.40.5
OR
netappe-series_santricity_os_controllerMatch11.50.1
OR
netappe-series_santricity_os_controllerMatch11.50.2-
OR
netappe-series_santricity_os_controllerMatch11.50.2p1
OR
netappe-series_santricity_os_controllerMatch11.60
OR
netappe-series_santricity_os_controllerMatch11.60.0
OR
netappe-series_santricity_os_controllerMatch11.60.1
OR
netappe-series_santricity_os_controllerMatch11.60.3
OR
netappe-series_santricity_os_controllerMatch11.70.1
OR
netappe-series_santricity_os_controllerMatch11.70.2
OR
netappfas\/aff_baseboard_management_controllerMatch-
OR
netapphci_baseboard_management_controllerMatchh610s
OR
netappsolidfire\,_enterprise_sds_\&_hci_storage_nodeMatch-
OR
netappsolidfire_\&_hci_management_nodeMatch-
OR
netappsteelstore_cloud_integrated_storageMatch-
OR
broadcombrocade_fabric_operating_system_firmwareMatch-
Node
netappsolidfire_baseboard_management_controller_firmwareMatch-
AND
netappsolidfire_baseboard_management_controllerMatch-
Node
netapphci_compute_node_firmwareMatch-
AND
netapphci_compute_nodeMatch-
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
canonicalubuntu_linux18.04cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
canonicalubuntu_linux19.10cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
netappactive_iq_unified_manager-cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
netappaff_baseboard_management_controller-cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*
netappcloud_backup-cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
netappdata_availability_services-cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*
netappe-series_santricity_os_controller11.0cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*
netappe-series_santricity_os_controller11.0.0cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*
netappe-series_santricity_os_controller11.20cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*
Rows per page:
1-10 of 351

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.003

Percentile

65.6%