CVE-2019-11810

2019-05-0700:00:00

ubuntu.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON

An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer
dereference can occur when megasas_create_frame_pool() fails in
megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This
causes a Denial of Service, related to a use-after-free.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-60.67UNKNOWN
ubuntu19.04noarchlinux< 5.0.0-16.17UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-150.176UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1047.49UNKNOWN
ubuntu19.04noarchlinux-aws< 5.0.0-1007.7UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1054.58) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1084.94UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1047.49~16.04.1UNKNOWN
ubuntu18.04noarchlinux-azure< 5.0.0-1014.14~18.04.1UNKNOWN
ubuntu19.04noarchlinux-azure< 5.0.0-1008.8UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< 4.15.0-60.67	UNKNOWN
ubuntu	19.04	noarch	linux	< 5.0.0-16.17	UNKNOWN
ubuntu	16.04	noarch	linux	< 4.4.0-150.176	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< 4.15.0-1047.49	UNKNOWN
ubuntu	19.04	noarch	linux-aws	< 5.0.0-1007.7	UNKNOWN
ubuntu	14.04	noarch	linux-aws	< 4.4.0-1054.58) Available with Ubuntu Pro or Ubuntu Pro (Infra-only	UNKNOWN
ubuntu	16.04	noarch	linux-aws	< 4.4.0-1084.94	UNKNOWN
ubuntu	16.04	noarch	linux-aws-hwe	< 4.15.0-1047.49~16.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-azure	< 5.0.0-1014.14~18.04.1	UNKNOWN
ubuntu	19.04	noarch	linux-azure	< 5.0.0-1008.8	UNKNOWN