Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-19807
HistoryDec 15, 2019 - 12:00 a.m.

CVE-2019-19807

2019-12-1500:00:00
ubuntu.com
ubuntu.com
11

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

39.1%

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free
caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related
to snd_timer_open and snd_timer_close_locked. The timeri variable was
originally intended to be for a newly created timer instance, but was used
for a different purpose after refactoring.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux-aws< 4.15.0-1057.59UNKNOWN
ubuntu19.10noarchlinux-aws< 5.3.0-1009.10UNKNOWN
ubuntu18.04noarchlinux-gcp-5.3< 5.3.0-1010.11~18.04.1UNKNOWN
ubuntu18.04noarchlinux< 4.15.0-74.84UNKNOWN
ubuntu19.10noarchlinux< 5.3.0-26.28UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1057.59~16.04.1UNKNOWN
ubuntu19.10noarchlinux-azure< 5.3.0-1009.10UNKNOWN
ubuntu14.04noarchlinux-azure< 4.15.0-1066.71~14.04.1) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu16.04noarchlinux-azure< 4.15.0-1066.71UNKNOWN
ubuntu18.04noarchlinux-azure-5.3< 5.3.0-1009.10~18.04.1UNKNOWN
Rows per page:
1-10 of 241

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

39.1%

Related for UB:CVE-2019-19807