Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-15807

Опубликовано: 29 авг. 2019
Источник: redhat
CVSS3: 4.7
EPSS Низкий

Описание

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

A memory leak flaw was found in the Linux kernel. An error in the resource cleanup of the sas_ex_discover_expander function can allow an attacker to induce error conditions that could crash the system. The highest threat from this vulnerability is to system availability.

Отчет

This issue is rated as having Low impact because of the preconditions needed to trigger the error/resource cleanup code path (system-wide out-of-memory condition, high privileges or physical access).

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelOut of support scope
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernel-altFix deferred
Red Hat Enterprise Linux 8kernelFix deferred
Red Hat Enterprise Linux 8kernel-rtFix deferred
Red Hat Enterprise MRG 2kernel-rtOut of support scope
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2020:406229.09.2020
Red Hat Enterprise Linux 7kernelFixedRHSA-2020:406029.09.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1747216kernel: Memory leak in drivers/scsi/libsas/sas_expander.c

EPSS

Процентиль: 28%
0.00095
Низкий

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-15807

CVSS3: 4.7
ubuntu
почти 6 лет назад

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

nvd логотип

CVE-2019-15807

CVSS3: 4.7
nvd
почти 6 лет назад

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

debian логотип

CVE-2019-15807

CVSS3: 4.7
debian
почти 6 лет назад

In the Linux kernel before 5.1.13, there is a memory leak in drivers/s ...

github логотип

GHSA-vwgq-pmmf-6whv

github
около 3 лет назад

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

oracle-oval логотип

ELSA-2020-5512

oracle-oval
больше 5 лет назад

ELSA-2020-5512: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 28%
0.00095
Низкий

4.7 Medium

CVSS3

Уязвимость CVE-2019-15807