Executive Summary

Informations
NameCVE-2019-12615First vendor Publication2019-06-03
VendorCveLast vendor Modification2019-07-10

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12615

CWE : Common Weakness Enumeration

%idName
100 %CWE-476NULL Pointer Dereference

CPE : Common Platform Enumeration

TypeDescriptionCount
Os3290

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/108549
CONFIRM https://security.netapp.com/advisory/ntap-20190710-0002/
https://support.f5.com/csp/article/K60924046
MISC https://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc.git/commit/?id=80...
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2014901.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
DateInformations
2019-09-18 12:10:44
  • Multiple Updates
2019-09-12 12:10:59
  • Multiple Updates
2019-08-28 12:05:35
  • Multiple Updates
2019-08-06 12:03:48
  • Multiple Updates
2019-07-10 17:19:13
  • Multiple Updates
2019-07-02 15:40:04
  • Multiple Updates
2019-06-21 12:09:51
  • Multiple Updates
2019-06-18 12:09:54
  • Multiple Updates
2019-06-15 12:10:36
  • Multiple Updates
2019-06-04 21:19:25
  • Multiple Updates
2019-06-04 17:19:09
  • Multiple Updates
2019-06-04 05:19:25
  • First insertion