← Back

CVE-2019-19053

nvd nist
Published: Nov 18, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.

Affected (33)

Show all products
Linux: Linux Kernel · Canonical: Ubuntu Linux · Broadcom: Brocade Fabric Operating System Firmware · Netapp: Active Iq Unified Manager, Aff Baseboard Management Controller, Cloud Backup, Data Availability Services, E Series Santricity Os Controller, Fas/aff Baseboard Management Controller, Hci Baseboard Management Controller, Solidfire, Enterprise Sds & Hci Storage Node, Solidfire & Hci Management Node, Steelstore Cloud Integrated Storage, Solidfire Baseboard Management Controller Firmware, Hci Compute Node Firmware
Linux
1 product
Linux Kernel
Canonical
1 product
Ubuntu Linux
Broadcom
1 product
Brocade Fabric Operating System Firmware
Netapp
12 products
Active Iq Unified Manager
Aff Baseboard Management Controller
Cloud Backup
Data Availability Services
E Series Santricity Os Controller
Fas/aff Baseboard Management Controller
Hci Baseboard Management Controller
Solidfire, Enterprise Sds & Hci Storage Node
Solidfire & Hci Management Node
Steelstore Cloud Integrated Storage
Solidfire Baseboard Management Controller Firmware
Hci Compute Node Firmware
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Linux Kernel
From 4.20 to 5.4.12
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 18.04
Ubuntu Linux
Version 19.10
Configuration C
28 vulnerable
Vulnerable SoftwareAffected Versions
Brocade Fabric Operating System Firmware
All versions
Active Iq Unified Manager
All versions
Aff Baseboard Management Controller
All versions
Cloud Backup
All versions
Data Availability Services
All versions
Netapp
E Series Santricity Os Controller
Version 11.0.0
E Series Santricity Os Controller
Version 11.0
E Series Santricity Os Controller
Version 11.20
E Series Santricity Os Controller
Version 11.25
E Series Santricity Os Controller
Version 11.30.5r3
E Series Santricity Os Controller
Version 11.30
E Series Santricity Os Controller
Version 11.40.3r2
E Series Santricity Os Controller
Version 11.40.5
E Series Santricity Os Controller
Version 11.40
E Series Santricity Os Controller
Version 11.50.1
E Series Santricity Os Controller
Version 11.50.2
E Series Santricity Os Controller
Version 11.50.2 p1
E Series Santricity Os Controller
Version 11.60.0
E Series Santricity Os Controller
Version 11.60.1
E Series Santricity Os Controller
Version 11.60.3
E Series Santricity Os Controller
Version 11.60
E Series Santricity Os Controller
Version 11.70.1
E Series Santricity Os Controller
Version 11.70.2
Fas/aff Baseboard Management Controller
All versions
Hci Baseboard Management Controller
Version h610s
Solidfire, Enterprise Sds & Hci Storage Node
All versions
Solidfire & Hci Management Node
All versions
Steelstore Cloud Integrated Storage
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Solidfire Baseboard Management Controller Firmware
All versions
Running on/withPlatform Versions
Netapp
Solidfire Baseboard Management Controller
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hci Compute Node Firmware
All versions
Running on/withPlatform Versions
Netapp
Hci Compute Node
All versions

Related CWEs

CWE-401
Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (8)

Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.