CVE-2019-9445

Опубликовано: 06 сент. 2019

Источник: nvd

CVSS3: 4.4

CVSS2: 2.1

EPSS Низкий

Описание

In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.

Ссылки

https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
Mailing List
Third Party Advisory
https://source.android.com/security/bulletin/pixel/2019-09-01
Vendor Advisory
https://usn.ubuntu.com/4526-1/
Third Party Advisory
https://usn.ubuntu.com/4527-1/
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
Mailing List
Third Party Advisory
https://source.android.com/security/bulletin/pixel/2019-09-01
Vendor Advisory
https://usn.ubuntu.com/4526-1/
Third Party Advisory
https://usn.ubuntu.com/4527-1/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 19%

0.0006

Низкий

4.4 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2019-9445

CVSS3: 4.4

ubuntu

больше 6 лет назад

CVE-2019-9445

CVSS3: 4.4

redhat

больше 6 лет назад

CVE-2019-9445

CVSS3: 4.4

debian

больше 6 лет назад

In the Android kernel in F2FS driver there is a possible out of bounds ...

GHSA-5jrf-fwh5-6qfr

CVSS3: 4.4

github

больше 3 лет назад

EPSS

Процентиль: 19%

0.0006

Низкий

4.4 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125