CVE-2019-3459

🗓️ 11 Apr 2019 15:53:35Reported by debianType

Linux kernel heap address leak in L2CAP_GET_CONF_OPT

Reporter	Title	Published	Views	Family All 418
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to multiple Kernel vulnerabilities	6 Nov 201919:05	–	ibm
Tenable Nessus	Amazon Linux 2 : kernel (ALAS-2019-1201)	6 May 201900:00	–	nessus
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2019-1201)	7 May 201900:00	–	nessus
Tenable Nessus	CentOS 8 : kernel (CESA-2019:3517)	29 Jan 202100:00	–	nessus
Tenable Nessus	CentOS 7 : kernel (CESA-2019:2029)	11 Sep 201900:00	–	nessus
Tenable Nessus	CentOS 7 : kernel-alt (RHSA-2020:0740)	9 Oct 202400:00	–	nessus
Tenable Nessus	Debian DLA-1771-1 : linux-4.9 security update	6 May 201900:00	–	nessus
Tenable Nessus	Debian DLA-1799-2 : linux security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)	29 May 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-1302)	30 Apr 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1304)	1 May 201900:00	–	nessus

NVD

Node

linux linux_kernelRange≤5.1

Node

canonical ubuntu_linuxMatch14.04lts

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch18.10

Node

redhat codeready_linux_builderMatch8.0

redhat enterprise_linuxMatch5.0

redhat enterprise_linuxMatch6.0

redhat enterprise_linuxMatch7.0

redhat enterprise_linuxMatch8.0

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_eusMatch8.1

redhat enterprise_linux_eusMatch8.2

redhat enterprise_linux_eusMatch8.4

redhat enterprise_linux_for_real_timeMatch7

redhat enterprise_linux_for_real_timeMatch8

redhat enterprise_linux_for_real_time_for_nfvMatch7

redhat enterprise_linux_for_real_time_for_nfvMatch8

redhat enterprise_linux_for_real_time_for_nfv_tusMatch8.2

redhat enterprise_linux_for_real_time_for_nfv_tusMatch8.4

redhat enterprise_linux_for_real_time_tusMatch8.2

redhat enterprise_linux_for_real_time_tusMatch8.4

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch8.2

redhat enterprise_linux_server_ausMatch8.4

redhat enterprise_linux_server_tusMatch8.2

redhat enterprise_linux_server_tusMatch8.4

redhat enterprise_linux_workstationMatch7.0

redhat enterprise_mrgMatch2.0

Node

debian debian_linuxMatch8.0

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "versions": [
      {
        "status": "affected",
        "version": "before 5.1-rc1"
      },
      {
        "status": "affected",
        "version": "fixed in 5.1-rc1"
      }
    ]
  }
]

Source	Link
openwall	www.openwall.com/lists/oss-security/2019/06/27/7
bugzilla	www.bugzilla.novell.com/show_bug.cgi
openwall	www.openwall.com/lists/oss-security/2019/06/27/2
access	www.access.redhat.com/errata/RHSA-2019:3309
people	www.people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3459.html
openwall	www.openwall.com/lists/oss-security/2019/06/28/1
access	www.access.redhat.com/errata/RHSA-2019:2029
marc	www.marc.info/
access	www.access.redhat.com/errata/RHSA-2020:0740
lists	www.lists.debian.org/debian-lts-announce/2019/05/msg00041.html

21 Nov 2024 04:42Current

6.8Medium risk

Vulners AI Score6.8

CVSS 23.3

CVSS 3.16.5

EPSS0.00465

CWE-125