Lucene search

K
cve[email protected]CVE-2019-19063
HistoryNov 18, 2019 - 6:15 a.m.

CVE-2019-19063

2019-11-1806:15:12
CWE-401
web.nvd.nist.gov
330
2
cve-2019-19063
memory leaks
rtl_usb_probe
linux kernel
dos
cid-3f9361695113

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

51.1%

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.

Affected configurations

NVD
Node
linuxlinux_kernelRange5.3.11
Node
oraclesd-wan_edgeMatch8.2
OR
canonicalubuntu_linuxMatch14.04esm
OR
canonicalubuntu_linuxMatch16.04esm
OR
canonicalubuntu_linuxMatch16.04lts
OR
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch19.10
OR
fedoraprojectfedoraMatch30
OR
fedoraprojectfedoraMatch31
OR
opensuseleapMatch15.1
Node
netappactive_iq_unified_managerMatch-vmware_vsphere
OR
netappaff_baseboard_management_controllerMatch-
OR
netappcloud_backupMatch-
OR
netappdata_availability_servicesMatch-
OR
netappe-series_santricity_os_controllerMatch11.0
OR
netappe-series_santricity_os_controllerMatch11.0.0
OR
netappe-series_santricity_os_controllerMatch11.20
OR
netappe-series_santricity_os_controllerMatch11.25
OR
netappe-series_santricity_os_controllerMatch11.30
OR
netappe-series_santricity_os_controllerMatch11.30.5r3
OR
netappe-series_santricity_os_controllerMatch11.40
OR
netappe-series_santricity_os_controllerMatch11.40.3r2
OR
netappe-series_santricity_os_controllerMatch11.40.5
OR
netappe-series_santricity_os_controllerMatch11.50.1
OR
netappe-series_santricity_os_controllerMatch11.50.2-
OR
netappe-series_santricity_os_controllerMatch11.50.2p1
OR
netappe-series_santricity_os_controllerMatch11.60
OR
netappe-series_santricity_os_controllerMatch11.60.0
OR
netappe-series_santricity_os_controllerMatch11.60.1
OR
netappe-series_santricity_os_controllerMatch11.60.3
OR
netappe-series_santricity_os_controllerMatch11.70.1
OR
netappe-series_santricity_os_controllerMatch11.70.2
OR
netappfas\/aff_baseboard_management_controllerMatch-
OR
netapphci_baseboard_management_controllerMatchh610s
OR
netappsolidfire\,_enterprise_sds_\&_hci_storage_nodeMatch-
OR
netappsolidfire_\&_hci_management_nodeMatch-
OR
netappsteelstore_cloud_integrated_storageMatch-
OR
broadcombrocade_fabric_operating_system_firmwareMatch-
Node
netapphci_compute_node_firmwareMatch-
AND
netapphci_compute_nodeMatch-
Node
netappsolidfire_baseboard_management_controller_firmwareMatch-
AND
netappsolidfire_baseboard_management_controllerMatch-
VendorProductVersionCPE
linuxlinux_kernelcpe:/o:linux:linux_kernel::::

Social References

More

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

51.1%