Lucene search

[email protected]CVE-2019-19462

HistoryNov 30, 2019 - 1:15 a.m.

CVE-2019-19462

2019-11-3001:15:10

CWE-476

[email protected]

web.nvd.nist.gov

332

linux

kernel

cve-2019-19462

denial of service

nvd

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

Percentile

10.1%

JSON

relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤5.4.1

Node

netappactive_iq_unified_managerRange9.5≥vmware_vsphere

netapphci_management_nodeMatch-

netappsolidfireMatch-

netapphci_compute_nodeMatch-

netapphci_storage_nodeMatch-

Node

canonicalubuntu_linuxMatch14.04esm

canonicalubuntu_linuxMatch16.04lts

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch20.04lts

Node

opensuseleapMatch15.1

opensuseleapMatch15.2

Node

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

debiandebian_linuxMatch10.0

VendorProductVersionCPE
linuxlinux_kernelcpe:/o:linux:linux_kernel::::

Vendor	Product	Version	CPE
linux	linux_kernel		cpe:/o:linux:linux_kernel::::

References

lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html

lists.debian.org/debian-lts-announce/2020/06/msg00012.html

lore.kernel.org/lkml/20191129013745.7168-1-dja%40axtens.net/

security.netapp.com/advisory/ntap-20210129-0004/

syzkaller-ppc64.appspot.com/bug?id=1c09906c83a8ea811a9e318c2a4f8e243becc6f8

syzkaller-ppc64.appspot.com/bug?id=b05b4d005191cc375cdf848c3d4d980308d50531

syzkaller.appspot.com/bug?id=e4265490d26d6c01cd9bc79dc915ef0a1bf15046

syzkaller.appspot.com/bug?id=f4d1cb4330bd3ddf4a628332b4285407b2eedd7b

usn.ubuntu.com/4414-1/

usn.ubuntu.com/4425-1/

usn.ubuntu.com/4439-1/

usn.ubuntu.com/4440-1/

www.debian.org/security/2020/dsa-4698

www.debian.org/security/2020/dsa-4699

Social References

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

Percentile

10.1%

JSON

Related for CVE-2019-19462

nvd1 cvelist1 debiancve1 ubuntucve1 redhatcve1 prion1 ubuntu5 openvas23 nessus31 oraclelinux2 amazon3 photon3 debian5 mageia1 cloudfoundry1 osv3 suse3