Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

Vulnerability IntelligenceCVE-2019-12819

CVE-2019-12819

MEDIUM5.5

An issue was discovered in the Linux kernel before 5

Published Jun 14, 2019

Modified 1 years ago

Details

An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.

References

ADVISORY

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html

ADVISORY

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html

ADVISORY

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html

WEB

http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html

WEB

http://www.securityfocus.com/bid/108768

WEB

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ff7b060535e87c2ae14dd8548512abfdda528fb

WEB

https://github.com/torvalds/linux/commit/6ff7b060535e87c2ae14dd8548512abfdda528fb

WEB

https://security.netapp.com/advisory/ntap-20190710-0002/

ADVISORY

https://usn.ubuntu.com/4094-1/

ADVISORY

https://usn.ubuntu.com/4118-1/

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2019-12819

CVSS Analysis

CVSS v3.0

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedJun 14, 2019

ModifiedAug 4, 2024

CVE-2019-12819 | Mondoo Vulnerability Intelligence