CVE-2019-11810

Published: May 7, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.

Affected (12)

Products: Linux: Linux Kernel · Canonical: Ubuntu Linux · Debian: Debian Linux

1 product

1 product

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 3.16.69
Linux Linux Kernel	From 3.17 to 3.18.139
Linux Linux Kernel	From 3.19 to 4.4.179
Linux Linux Kernel	From 4.10 to 4.14.111
Linux Linux Kernel	From 4.15 to 4.19.34
Linux Linux Kernel	From 4.20 to 5.0.7
Linux Linux Kernel	From 4.5 to 4.9.168

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.04

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CWE-476

NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

References (44)

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00056.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/108286

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2019:1959

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:1971

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2029

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2043

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2736

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2837

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:3217

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0036

Source: cve@mitre.org

Third Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.7

Source: cve@mitre.org

Release NotesVendor Advisory

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bcf3b67d16a4c8ffae0aa79de5853435e683945c

Source: cve@mitre.org

PatchVendor Advisory

https://github.com/torvalds/linux/commit/bcf3b67d16a4c8ffae0aa79de5853435e683945c

Source: cve@mitre.org

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html

Source: cve@mitre.org

Third Party Advisory

https://security.netapp.com/advisory/ntap-20190719-0003/

Source: cve@mitre.org

Third Party Advisory

https://support.f5.com/csp/article/K50484570

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4005-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4008-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4008-3/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4115-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4118-1/

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html