Published: 18/11/2019 Updated: 07/11/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel up to and including 5.3.11 allows malicious users to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
linux linux kernel 5.5
fedoraproject fedora 30
fedoraproject fedora 31
canonical ubuntu linux 18.04
canonical ubuntu linux 19.10
netapp steelstore cloud integrated storage -
netapp data availability services -
netapp solidfire -
netapp hci management node -
netapp hci storage node -
netapp active iq unified manager -
netapp hci compute node -
netapp e-series santricity os controller
broadcom fabric operating system -
netapp aff_a700s_firmware -
netapp fas8300_firmware -
netapp fas8700_firmware -
netapp aff_a400_firmware -
netapp h610s_firmware -

Several security issues were fixed in the Linux kernel ...

CWE-401 https://github.com/torvalds/linux/commit/c03b04dcdba1da39903e23cc4d072abf8f68f2dd https://security.netapp.com/advisory/ntap-20191205-0001/https://usn.ubuntu.com/4258-1/http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html https://usn.ubuntu.com/4284-1/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/https://nvd.nist.gov https://usn.ubuntu.com/4284-1/

CVE-2019-19050

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect