Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-15220

Опубликовано: 02 авг. 2019
Источник: redhat
CVSS3: 4.6
EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

A vulnerability was found in the Linux kernel in versions prior to 5.2.1. The Prism54 USB device driver is susceptible to malicious USB devices. An attacker able to add or remove USB devices could cause a memory corruption or crash leading to a denial of service. Availability is the highest threat to the system.

Меры по смягчению последствий

To mitigate this issue (for rhel5), prevent modules p54pci, prism54 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelOut of support scope
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=1749973kernel: Use-after-free in drivers/net/wireless/intersil/p54/p54usb.c

EPSS

Процентиль: 26%
0.00088
Низкий

4.6 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-15220

CVSS3: 4.6
ubuntu
почти 6 лет назад

An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

nvd логотип

CVE-2019-15220

CVSS3: 4.6
nvd
почти 6 лет назад

An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

debian логотип

CVE-2019-15220

CVSS3: 4.6
debian
почти 6 лет назад

An issue was discovered in the Linux kernel before 5.2.1. There is a u ...

github логотип

GHSA-4r6f-r3vj-r486

CVSS3: 4.6
github
около 3 лет назад

An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

fstec логотип

BDU:2019-03088

CVSS3: 4.6
fstec
почти 6 лет назад

Уязвимость драйвера drivers/net/wireless/intersil/p54/p54usb.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 26%
0.00088
Низкий

4.6 Medium

CVSS3