CVE-2019-20096

Опубликовано: 30 дек. 2019

Источник: nvd

CVSS3: 5.5

CVSS2: 4.9

EPSS Низкий

Описание

In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html
Broken Link
Third Party Advisory
http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
Third Party Advisory
VDB Entry
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1
Release Notes
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1d3ff0950e2b40dc861b1739029649d03f591820
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
Mailing List
Third Party Advisory
https://usn.ubuntu.com/4285-1/
Third Party Advisory
https://usn.ubuntu.com/4286-1/
Third Party Advisory
https://usn.ubuntu.com/4286-2/
Third Party Advisory
https://usn.ubuntu.com/4287-1/
Third Party Advisory
https://usn.ubuntu.com/4287-2/
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html
Broken Link
Third Party Advisory
http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
Third Party Advisory
VDB Entry
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1
Release Notes
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1d3ff0950e2b40dc861b1739029649d03f591820
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
Mailing List
Third Party Advisory
https://usn.ubuntu.com/4285-1/
Third Party Advisory
https://usn.ubuntu.com/4286-1/
Third Party Advisory
https://usn.ubuntu.com/4286-2/
Third Party Advisory
https://usn.ubuntu.com/4287-1/
Third Party Advisory
https://usn.ubuntu.com/4287-2/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 5.1 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00075

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-401

Связанные уязвимости

CVE-2019-20096

CVSS3: 5.5

ubuntu

больше 5 лет назад

In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.

CVE-2019-20096

CVSS3: 5.5

redhat

больше 5 лет назад

In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.

CVE-2019-20096

CVSS3: 5.5

debian

больше 5 лет назад

In the Linux kernel before 5.1, there is a memory leak in __feat_regis ...

GHSA-m85g-mhqp-wcwm

CVSS3: 5.5

github

около 3 лет назад

In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.

BDU:2020-00358

CVSS3: 5.5

fstec

около 6 лет назад

Уязвимость функции __feat_register_sp() ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 23%

0.00075

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-401