Published: 18/11/2019 Updated: 07/11/2023

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1

VMScore: 418

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel up to and including 5.3.11 allows malicious users to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
redhat enterprise linux 7.0
debian debian linux 8.0
canonical ubuntu linux 16.04
canonical ubuntu linux 18.04
fedoraproject fedora 30
canonical ubuntu linux 14.04
redhat enterprise linux 8.0
opensuse leap 15.1
canonical ubuntu linux 19.10
fedoraproject fedora 31

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...

Synopsis Important: kernel-alt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-alt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...

Synopsis Moderate: kernel-rt security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS ...

Synopsis Moderate: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Syst ...

A memory leak in the crypto_report() function in crypto/crypto_user_basec in the Linux kernel through 5311 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042 (CVE-2019-19062) An out-of-bounds memory write issue was found in the Linux Kernel, version 313 through 5 ...

Several security issues were fixed in the Linux kernel ...

CWE-401 https://github.com/torvalds/linux/commit/ffdde5932042600c6807d46c1550b28b0db6a3bc https://security.netapp.com/advisory/ntap-20191205-0001/http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html https://seclists.org/bugtraq/2020/Jan/10 http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://usn.ubuntu.com/4254-1/https://usn.ubuntu.com/4254-2/https://usn.ubuntu.com/4258-1/https://usn.ubuntu.com/4287-1/https://usn.ubuntu.com/4287-2/https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://usn.ubuntu.com/4284-1/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2020:4062 https://usn.ubuntu.com/4287-2/https://alas.aws.amazon.com/AL2/ALAS-2020-1392.html

Get Started

CVE-2019-19062

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect