Lucene search

K
nvd[email protected]NVD:CVE-2019-16995
HistorySep 30, 2019 - 1:15 p.m.

CVE-2019-16995

2019-09-3013:15:11
CWE-401
web.nvd.nist.gov
1

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.007

Percentile

80.1%

In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.

Affected configurations

NVD
Node
linuxlinux_kernelRange3.173.18.137
OR
linuxlinux_kernelRange4.44.4.177
OR
linuxlinux_kernelRange4.94.9.164
OR
linuxlinux_kernelRange4.144.14.107
OR
linuxlinux_kernelRange4.194.19.30
OR
linuxlinux_kernelRange4.204.20.17
OR
linuxlinux_kernelRange5.05.0.3
OR
linuxlinux_kernelMatch5.1rc1
Node
opensuseleapMatch15.0
OR
opensuseleapMatch15.1
Node
netappaff_a700s_firmwareMatch-
AND
netappaff_a700sMatch-
Node
netapph300s_firmwareMatch-
AND
netapph300sMatch-
Node
netapph500s_firmwareMatch-
AND
netapph500sMatch-
Node
netapph700s_firmwareMatch-
AND
netapph700sMatch-
Node
netapph300e_firmwareMatch-
AND
netapph300eMatch-
Node
netapph500e_firmwareMatch-
AND
netapph500eMatch-
Node
netapph700e_firmwareMatch-
AND
netapph700eMatch-
Node
netapph410s_firmwareMatch-
AND
netapph410sMatch-
Node
netapph410c_firmwareMatch-
AND
netapph410cMatch-
Node
netapph610s_firmwareMatch-
AND
netapph610sMatch-
Node
netappdata_availability_servicesMatch-
OR
netapphci_management_nodeMatch-
OR
netappservice_processorMatch-
OR
netappsolidfireMatch-
OR
netappsteelstore_cloud_integrated_storageMatch-

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.007

Percentile

80.1%