Vulnerability CVE-2019-15504: Information

Description

drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Fixed packages

References to Advisories, Solutions, and Tools

1. Affected configurations:

   1. Configuration 1

      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

      Start including

      4.17

      End excliding

      4.19.74

      ---

      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

      Start including

      4.20

      End excliding

      5.2.16

      ---

      Configuration 2

      cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

      ---

      cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

      ---