An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
References
Link | Resource |
---|---|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 | Release Notes |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7 | Patch |
https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced | Exploit |
http://www.openwall.com/lists/oss-security/2019/08/20/2 | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20190905-0002/ | Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2019-08-19 15:15
Updated : 2023-02-28 18:04
NVD link : CVE-2019-15213
Mitre link : CVE-2019-15213
JSON object : View
CWE
CWE-416
Use After Free
Products Affected
netapp
- solidfire_\&_hci_management_node
- active_iq_unified_manager
- baseboard_management_controller_h410c_firmware
- baseboard_management_controller_h410c
- data_availability_services
- solidfire_baseboard_management_controller
opensuse
- leap
linux
- linux_kernel