Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv3

CVE-2019-15212

Published: 19/08/2019 Updated: 09/11/2023
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 4.6 | Impact Score: 3.6 | Exploitability Score: 0.9
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Linux

Vulnerability Summary

An issue exists in the Linux kernel prior to 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

netapp h410c_firmware -

netapp data availability services -

netapp solidfire \\& hci management node -

netapp active iq unified manager -

netapp solidfire baseboard management controller -

canonical ubuntu linux 18.04

canonical ubuntu linux 19.04

canonical ubuntu linux 16.04

debian debian linux 8.0

opensuse leap 15.0

opensuse leap 15.1

Vendor Advisories

Ubuntu Security Notice: linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression
USN 4115-1 introduced a regression in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Red Hat: CVE-2019-15212
Impact: Moderate Public Date: 2019-08-19 CWE: CWE-416 Bugzilla: 1743556: CVE-2019-15212 kernel: double- ...

Mailing Lists

Full Disclosure: Linux kernel: multiple vulnerabilities in the USB subsystem x2
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Linux kernel: multiple vulnerabilities in the USB subsystem x2 <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: An ...

References

CWE-415https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.8https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3864d33943b4a76c6e64616280e98d2410b1190fhttps://syzkaller.appspot.com/bug?id=64aa96c96f594a77eb8d945df21ec76dd35573b3http://www.openwall.com/lists/oss-security/2019/08/20/2https://usn.ubuntu.com/4115-1/https://usn.ubuntu.com/4118-1/https://security.netapp.com/advisory/ntap-20190905-0002/https://lists.debian.org/debian-lts-announce/2019/09/msg00014.htmlhttps://lists.debian.org/debian-lts-announce/2019/09/msg00015.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.htmlhttps://lists.debian.org/debian-lts-announce/2019/09/msg00025.htmlhttps://usn.ubuntu.com/4147-1/https://nvd.nist.govhttps://usn.ubuntu.com/4118-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook