Vulnerability CVE-2019-19525: Information
Description
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
Severity: MEDIUM (4.6) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Fixed packages
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fd25e6fc035f4b04b75bca6d7e8daa069603a76 |
|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6 |
|
[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3 |
|
openSUSE-SU-2019:2675 |
|
[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update |
|