Lucene search
LinuxVULNRICHMENT:CVE-2019-25162HistoryFeb 26, 2024 - 5:20 p.m.
CVE-2019-25162 i2c: Fix a potential use after free
2024-02-2617:20:20
Linux
github.com
10
linux kernel
vulnerability resolved
i2c
use after free
In the Linux kernel, the following vulnerability has been resolved:
i2c: Fix a potential use after free
Free the adap structure only after we are done using it.
This patch just moves the put_device() down a bit to avoid the
use after free.
[wsa: added comment to the code, added Fixes tag]
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "611e12ea0f12",
"lessThan": "e6412ba3b650",
"versionType": "git"
},
{
"status": "affected",
"version": "611e12ea0f12",
"lessThan": "23a191b132cd",
"versionType": "git"
},
{
"status": "affected",
"version": "611e12ea0f12",
"lessThan": "871a1e94929a",
"versionType": "git"
},
{
"status": "affected",
"version": "611e12ea0f12",
"lessThan": "81cb31756888",
"versionType": "git"
},
{
"status": "affected",
"version": "611e12ea0f12",
"lessThan": "35927d7509ab",
"versionType": "git"
},
{
"status": "affected",
"version": "611e12ea0f12",
"lessThan": "e8e1a046cf87",
"versionType": "git"
},
{
"status": "affected",
"version": "611e12ea0f12",
"lessThan": "12b0606000d0",
"versionType": "git"
},
{
"status": "affected",
"version": "611e12ea0f12",
"lessThan": "e4c72c06c367",
"versionType": "git"
}
],
"programFiles": [
"drivers/i2c/i2c-core-base.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "4.3"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "4.3",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.14.291",
"versionType": "custom",
"lessThanOrEqual": "4.14.*"
},
{
"status": "unaffected",
"version": "4.19.256",
"versionType": "custom",
"lessThanOrEqual": "4.19.*"
},
{
"status": "unaffected",
"version": "5.4.211",
"versionType": "custom",
"lessThanOrEqual": "5.4.*"
},
{
"status": "unaffected",
"version": "5.10.137",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.15.61",
"versionType": "custom",
"lessThanOrEqual": "5.15.*"
},
{
"status": "unaffected",
"version": "5.18.18",
"versionType": "custom",
"lessThanOrEqual": "5.18.*"
},
{
"status": "unaffected",
"version": "5.19.2",
"versionType": "custom",
"lessThanOrEqual": "5.19.*"
},
{
"status": "unaffected",
"version": "6.0",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"drivers/i2c/i2c-core-base.c"
],
"defaultStatus": "affected"
}
]References
git.kernel.org/stable/c/12b0606000d0828630c033bf0c74c748464fe87d
git.kernel.org/stable/c/23a191b132cd87f746c62f3dc27da33683d85829
git.kernel.org/stable/c/35927d7509ab9bf41896b7e44f639504eae08af7
git.kernel.org/stable/c/81cb31756888bb062e92d2dca21cd629d77a46a9
git.kernel.org/stable/c/871a1e94929a27bf6e2cd99523865c840bbc2d87
git.kernel.org/stable/c/e4c72c06c367758a14f227c847f9d623f1994ecf
git.kernel.org/stable/c/e6412ba3b6508bdf9c074d310bf4144afa6aec1a
git.kernel.org/stable/c/e8e1a046cf87c8b1363e5de835114f2779e2aaf4
Related
redhatcve
redhatcve
CVE-2019-25162
2024-02-27 14:02:38
nvd
nvd
CVE-2019-25162
2024-02-26 18:15:07
ubuntucve
ubuntucve
CVE-2019-25162
2024-02-26 00:00:00
debiancve
debiancve
CVE-2019-25162
2024-02-26 18:15:07
cvelist
cvelist
CVE-2019-25162 i2c: Fix a potential use after free
2024-02-26 17:20:20
cve
cve
CVE-2019-25162
2024-02-26 18:15:07
prion
prion
Design/Logic Flaw
2024-02-26 18:15:00
nessus
nessus
CentOS 9 : kernel-5.14.0-432.el9
2024-04-26 00:00:00
Amazon Linux 2 : kernel (ALAS-2022-1838)
2022-09-15 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6739-1)
2024-04-19 00:00:00
amazon
amazon
Important: kernel
2022-09-01 21:09:00
openvas
openvas
Ubuntu: Security Advisory (USN-6739-1)
2024-04-22 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:0858-1)
2024-03-25 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1570)
2024-05-10 00:00:00
redos
redos
ROS-20240813-03
2024-08-13 00:00:00
osv
osv
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
2024-04-19 13:23:13
Moderate: kernel-rt security and bug fix update
2024-06-05 00:00:00
Moderate: kernel-rt security and bug fix update
2024-06-14 13:59:36
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-04-19 00:00:00
almalinux
almalinux
Moderate: kernel-rt security and bug fix update
2024-06-05 00:00:00
Moderate: kernel update
2024-06-05 00:00:00
redhat
redhat
(RHSA-2024:3627) Moderate: kernel-rt security and bug fix update
2024-06-05 09:30:39
(RHSA-2024:3618) Moderate: kernel update
2024-06-05 00:07:54
rocky
rocky
kernel-rt security and bug fix update
2024-06-14 13:59:36
kernel update
2024-06-14 13:59:16
oraclelinux
oraclelinux
kernel update
2024-06-05 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-07-31 12:54:26
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-06-26 16:06:34
AI Score
6.7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2019-25162