Executive Summary

Informations
NameCVE-2019-12819First vendor Publication2019-06-13
VendorCveLast vendor Modification2019-06-18

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score2.1Attack RangeLocal
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12819

CWE : Common Weakness Enumeration

%idName
100 %CWE-416Use After Free

CPE : Common Platform Enumeration

TypeDescriptionCount
Os2943

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/108768
CONFIRM https://security.netapp.com/advisory/ntap-20190710-0002/
MISC https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6f...
https://github.com/torvalds/linux/commit/6ff7b060535e87c2ae14dd8548512abfdda5...
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
UBUNTU https://usn.ubuntu.com/4094-1/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
DateInformations
2019-08-14 12:10:35
  • Multiple Updates
2019-07-11 12:10:19
  • Multiple Updates
2019-07-02 15:40:05
  • Multiple Updates
2019-06-19 09:19:34
  • Multiple Updates
2019-06-19 00:19:34
  • Multiple Updates
2019-06-18 21:19:28
  • Multiple Updates
2019-06-17 21:19:35
  • Multiple Updates
2019-06-14 09:19:26
  • First insertion