CVE-2019-15098

Опубликовано: 16 авг. 2019

Источник: nvd

CVSS3: 4.6

CVSS2: 4.9

EPSS Низкий

Описание

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
Mailing List
Third Party Advisory
http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2019/09/27/1
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/09/27/2
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/09/27/3
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
Mailing List
Third Party Advisory
https://lore.kernel.org/linux-wireless/20190804002905.11292-1-benquike%40gmail.com/T/#u
https://seclists.org/bugtraq/2019/Nov/11
Broken Link
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190905-0002/
Third Party Advisory
https://support.f5.com/csp/article/K61214359
Third Party Advisory
https://support.f5.com/csp/article/K61214359?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4184-1/
Third Party Advisory
https://usn.ubuntu.com/4185-1/
Third Party Advisory
https://usn.ubuntu.com/4186-1/
Third Party Advisory
https://usn.ubuntu.com/4186-2/
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
Mailing List
Third Party Advisory
http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 5.2.9 (включая)

Конфигурация 2

Одно из

cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*

Версия от 9.5 (включая)

cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00163

Низкий

4.6 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2019-15098

CVSS3: 4.6

ubuntu

больше 6 лет назад

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

CVE-2019-15098

CVSS3: 4.3

redhat

больше 6 лет назад

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

CVE-2019-15098

CVSS3: 4.6

debian

больше 6 лет назад

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2. ...

GHSA-jrv5-9rmq-5rv5

CVSS3: 4.6

github

больше 3 лет назад

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

BDU:2019-03220

CVSS3: 4.6

fstec

больше 6 лет назад

Уязвимость драйвера drivers/net/wireless/ath/ath6kl/usb.c ядра операционных систем Linux, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 37%

0.00163

Низкий

4.6 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-476