Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-15213

Опубликовано: 19 авг. 2019
Источник: redhat
CVSS3: 4.3

Описание

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

A use-after-free flaw was found in the USB DVB media access driver in the Linux kernel. This flaw could allow an attacker to crash the system at device disconnect or for a kernel information leak problem to occur. The highest threat from this vulnerability is to system availability.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelWill not fix
Red Hat Enterprise Linux 7kernel-altWill not fix
Red Hat Enterprise Linux 7kernel-rtWill not fix
Red Hat Enterprise Linux 8kernelAffected
Red Hat Enterprise Linux 8kernel-rtAffected
Red Hat Enterprise MRG 2kernel-rtWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1743580kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c

4.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-15213

CVSS3: 4.6
ubuntu
почти 6 лет назад

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

nvd логотип

CVE-2019-15213

CVSS3: 4.6
nvd
почти 6 лет назад

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

debian логотип

CVE-2019-15213

CVSS3: 4.6
debian
почти 6 лет назад

An issue was discovered in the Linux kernel before 5.2.3. There is a u ...

github логотип

GHSA-55pq-996w-pmwq

CVSS3: 4.6
github
около 3 лет назад

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

fstec логотип

BDU:2019-03095

CVSS3: 4.6
fstec
около 6 лет назад

Уязвимость драйвера drivers/media/usb/dvb-usb/dvb-usb-init.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

4.3 Medium

CVSS3