Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
4.6
CVSSv3

CVE-2019-15098

Published: 16/08/2019 Updated: 07/11/2023
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 4.6 | Impact Score: 3.6 | Exploitability Score: 0.9
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel up to and including 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

opensuse leap 15.0

canonical ubuntu linux 19.04

netapp element software -

netapp active iq performance analytics services -

canonical ubuntu linux 14.04

opensuse leap 15.1

netapp active iq unified manager

netapp data availability services -

debian debian linux 8.0

Vendor Advisories

Ubuntu Security Notice: linux, linux-hwe, linux-oem-osp1 vulnerability and regression
Several issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-kvm vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerability
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem-osp1, linux-oracle, linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-hwe, linux-oem vulnerability and regression
Several issues were fixed in the Linux kernel ...
Red Hat: CVE-2019-15098
Impact: Moderate Public Date: 2019-08-20 CWE: CWE-476 Bugzilla: 1743552: CVE-2019-15098 kernel: a NULL ...

Mailing Lists

Full Disclosure: Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
On 2019-08-20 20:20:34, Andrey Konovalov wrote: This seems like it might be a duplicate of CVE-2019-15098 The fix for CVE-2019-15098 was recently merged upstream: gitkernelorg/pub/scm/linux/kernel/git/torvalds/linuxgit/commit/?id=39d170b3cb62ba98567f5c4f40c27b5864b304e5 If you agree, could you request that MITRE mark CVE-2019-15290 ...
Full Disclosure: Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
On 2019-09-27 19:01:48, Andrey Konovalov wrote: I've requested that MITRE mark CVE-2019-15290 as a dupe of CVE-2019-15098 Thanks! Tyler ...
Full Disclosure: Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2
On Fri, Sep 27, 2019 at 6:51 PM Tyler Hicks <tyhicks () canonical com> wrote: Oh, nice, Mathias and Hui found it as well and fixed it! =) Yes, these two CVEs are for the same issue, feel free to mark them as such Thanks! ...

References

CWE-476https://security.netapp.com/advisory/ntap-20190905-0002/http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.htmlhttp://www.openwall.com/lists/oss-security/2019/09/27/3http://www.openwall.com/lists/oss-security/2019/09/27/2http://www.openwall.com/lists/oss-security/2019/09/27/1https://support.f5.com/csp/article/K61214359https://seclists.org/bugtraq/2019/Nov/11http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlhttps://usn.ubuntu.com/4185-1/https://usn.ubuntu.com/4184-1/https://usn.ubuntu.com/4186-1/https://usn.ubuntu.com/4186-2/https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlhttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlhttps://lore.kernel.org/linux-wireless/20190804002905.11292-1-benquike%40gmail.com/T/#uhttps://support.f5.com/csp/article/K61214359?utm_source=f5support&%3Butm_medium=RSShttps://nvd.nist.govhttps://usn.ubuntu.com/4184-2/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCPCVE-2024-4577CVE-2024-2695CVE-2024-31870injectionCVE-2024-3813arbitrary codeCVE-2024-27801CVE-2024-30120
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook