CVE-2019-12614

Published: Jun 3, 2019Modified: Nov 21, 2024

4.1

Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Exploitability: 0.5 / Impact: 3.6

Source: NVD

Description

An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).

Affected (11)

Products: Linux: Linux Kernel · Canonical: Ubuntu Linux · Fedoraproject: Fedora · +2 more

Show all products

Linux: Linux Kernel · Canonical: Ubuntu Linux · Fedoraproject: Fedora · Opensuse: Leap · Redhat: Enterprise Linux

1 product

1 product

1 product

1 product

1 product

Enterprise Linux

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 5.1.6

Configuration B

10 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.04
Fedoraproject Fedora	Version 29
Fedoraproject Fedora	Version 30
Opensuse Leap	Version 15.0
Opensuse Leap	Version 15.1
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 8.0

Related CWEs

NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

References (36)

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html

Source: cve@mitre.org

Third Party Advisory

http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/108550

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=efa9ace68e487ddd29c2b4d6dd23242158f1f607

Source: cve@mitre.org

PatchVendor Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDURACJVGIBIYBSGDZJTRDPX46H5WPZW/

Source: cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBJHGQXA4PQ5EOGCOXEH3KFDNVZ2I4X7/

Source: cve@mitre.org

https://lkml.org/lkml/2019/6/3/526

Source: cve@mitre.org

PatchVendor Advisory

https://seclists.org/bugtraq/2020/Jan/10

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20190710-0002/

Source: cve@mitre.org

Third Party Advisory

https://support.f5.com/csp/article/K54337315

Source: cve@mitre.org

Third Party Advisory

https://support.f5.com/csp/article/K54337315?utm_source=f5support&amp%3Butm_medium=RSS

Source: cve@mitre.org

https://usn.ubuntu.com/4093-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4094-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4095-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4095-2/

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/108550

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=efa9ace68e487ddd29c2b4d6dd23242158f1f607

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDURACJVGIBIYBSGDZJTRDPX46H5WPZW/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBJHGQXA4PQ5EOGCOXEH3KFDNVZ2I4X7/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lkml.org/lkml/2019/6/3/526

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://seclists.org/bugtraq/2020/Jan/10

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20190710-0002/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.f5.com/csp/article/K54337315

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.f5.com/csp/article/K54337315?utm_source=f5support&amp%3Butm_medium=RSS

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/4093-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4094-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4095-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4095-2/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.