CVE-2019-19079

Published: Nov 18, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19.

Affected (3)

Products: Linux: Linux Kernel · Canonical: Ubuntu Linux

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.18 to 4.19.89
Linux Linux Kernel	From 4.20 to 5.3

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 18.04

Related CWEs

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (8)

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3

Source: cve@mitre.org

Release NotesVendor Advisory

https://github.com/torvalds/linux/commit/a21b7f0cff1906a93a0130b74713b15a0b36481d

Source: cve@mitre.org

PatchTool Signature

https://security.netapp.com/advisory/ntap-20191205-0001/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4258-1/

Source: cve@mitre.org

Third Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://github.com/torvalds/linux/commit/a21b7f0cff1906a93a0130b74713b15a0b36481d

Source: af854a3a-2127-422b-91ae-364da2661108

PatchTool Signature

https://security.netapp.com/advisory/ntap-20191205-0001/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4258-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.