SB2019111822 - Memory leak in Linux kernel 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019111822

SB2019111822 - Memory leak in Linux kernel

Published: November 18, 2019 Updated: June 1, 2020

Security Bulletin ID SB2019111822
Severity
Medium
Patch available
NO
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 security vulnerability.


1) Memory leak (CVE-ID: CVE-2019-19076)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted. A remote attacker can perform a denial of service attack.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References