5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
13.2%
DISPUTED An issue was discovered in ip6_ra_control in
net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an
unchecked kmalloc of new_ra, which might allow an attacker to cause a
denial of service (NULL pointer dereference and system crash). NOTE: This
has been disputed as not an issue.
Author | Note |
---|---|
tyhicks | I’ve reviewed all of our kernels. There’s no security impact here so we’ll ignore this disputed CVE. |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12378
git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=95baa60a0da80a0143e3ddd4d3725758b4513825
launchpad.net/bugs/cve/CVE-2019-12378
lkml.org/lkml/2019/5/25/229
nvd.nist.gov/vuln/detail/CVE-2019-12378
security-tracker.debian.org/tracker/CVE-2019-12378
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
13.2%