Published: 26/07/2019 Updated: 11/08/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.2 | Impact Score: 3.6 | Exploitability Score: 2.5

VMScore: 188

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

In the Linux kernel prior to 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2015-8553 Jan Beulich discovered that CVE-2015-2150 was not completely addressed If a PCI physical function is passed through to a Xen guest, the guest is able to access its memory and I ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2018-20836 chenxiang reported a race condition in libsas, the kernel subsystem supporting Serial Attached SCSI (SAS) devices, which could lead to a use-after-free It is not clear how thi ...

Several security issues were fixed in the Linux kernel ...

USN 4115-1 introduced a regression in the Linux kernel ...

Impact: Moderate Public Date: 2019-07-26 CWE: CWE-400 Bugzilla: 1734246: CVE-2019-14284 kernel: denial ...

CWE-369 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3554aeb991214cbfafd17d55e2bfddb50282e32 https://github.com/torvalds/linux/commit/f3554aeb991214cbfafd17d55e2bfddb50282e32 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 https://www.debian.org/security/2019/dsa-4495 https://seclists.org/bugtraq/2019/Aug/13 https://www.debian.org/security/2019/dsa-4497 https://seclists.org/bugtraq/2019/Aug/18 https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html https://seclists.org/bugtraq/2019/Aug/26 https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html https://usn.ubuntu.com/4114-1/https://usn.ubuntu.com/4117-1/https://usn.ubuntu.com/4116-1/https://usn.ubuntu.com/4115-1/https://usn.ubuntu.com/4118-1/https://security.netapp.com/advisory/ntap-20190905-0002/http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html https://nvd.nist.gov https://www.debian.org/security/2019/dsa-4497 https://usn.ubuntu.com/4116-1/

CVE-2019-14284

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect