4.6
CVSSv3

CVE-2019-15098

Published: 16/08/2019 Updated: 07/11/2023
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 4.6 | Impact Score: 3.6 | Exploitability Score: 0.9
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel up to and including 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

opensuse leap 15.0

canonical ubuntu linux 19.04

netapp element software -

netapp active iq performance analytics services -

canonical ubuntu linux 14.04

opensuse leap 15.1

netapp active iq unified manager

netapp data availability services -

debian debian linux 8.0

Vendor Advisories

Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Impact: Moderate Public Date: 2019-08-20 CWE: CWE-476 Bugzilla: 1743552: CVE-2019-15098 kernel: a NULL ...

Mailing Lists

On 2019-08-20 20:20:34, Andrey Konovalov wrote: This seems like it might be a duplicate of CVE-2019-15098 The fix for CVE-2019-15098 was recently merged upstream: gitkernelorg/pub/scm/linux/kernel/git/torvalds/linuxgit/commit/?id=39d170b3cb62ba98567f5c4f40c27b5864b304e5 If you agree, could you request that MITRE mark CVE-2019-15290 ...
On 2019-09-27 19:01:48, Andrey Konovalov wrote: I've requested that MITRE mark CVE-2019-15290 as a dupe of CVE-2019-15098 Thanks! Tyler ...
On Fri, Sep 27, 2019 at 6:51 PM Tyler Hicks <tyhicks () canonical com> wrote: Oh, nice, Mathias and Hui found it as well and fixed it! =) Yes, these two CVEs are for the same issue, feel free to mark them as such Thanks! ...