In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
References
Link | Resource |
---|---|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.13 | Release Notes |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0541791453fbe7f42867e310e0c9eb6295364d | Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20191004-0001/ | Third Party Advisory |
https://support.f5.com/csp/article/K52136304?utm_source=f5support&utm_medium=RSS | Third Party Advisory |
Information
Published : 2019-08-29 11:15
Updated : 2020-08-24 10:37
NVD link : CVE-2019-15807
Mitre link : CVE-2019-15807
JSON object : View
CWE
CWE-401
Missing Release of Memory after Effective Lifetime
Products Affected
debian
- debian_linux
redhat
- enterprise_linux
linux
- linux_kernel