In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Netapp
  • Data Availability Services
  • Steelstore Cloud Integrated Storage
  • Cloud Backup
  • Hci Baseboard Management Controller
  • Solidfire Baseboard Management Controller
  • Aff Baseboard Management Controller
  • Fas\/aff Baseboard Management Controller
  • Solidfire \& Hci Management Node
  • E-series Santricity Os Controller
  • Active Iq Unified Manager
Opensuse
  • Leap
Debian
  • Debian Linux
Linux
  • Linux Kernel

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_baseboard_management_controller:a700s:*:*:*:*:*:*:*
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html Broken Link Mailing List Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6 Release Notes Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dea37a97265588da604c6ba80160a287b72c7bfd Exploit Vendor Advisory
https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20200204-0002/ Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-12-25T03:01:38

Updated: 2020-03-13T13:06:11

Reserved: 2019-12-25T00:00:00

Link: CVE-2019-19966

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2019-12-25T04:15:12.457

Modified: 2022-12-20T22:15:21.010

Link: CVE-2019-19966

JSON object: View

cve-icon Redhat Information

No data.

CWE