Published: 18/11/2019 Updated: 11/04/2024

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1

VMScore: 419

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel prior to 5.3.9 allows malicious users to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a vulnerability because "rhashtable_init() can only fail if it is passed invalid values in the second parameter's struct, but when invoked from sdma_init() that is a pointer to a static const struct, so an attacker could only trigger failure if they could corrupt kernel memory (in which case a small memory leak is not a significant problem).

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
canonical ubuntu linux 16.04
canonical ubuntu linux 18.04
canonical ubuntu linux 19.04
opensuse leap 15.1
canonical ubuntu linux 19.10

Several security issues were fixed in the Linux kernel ...

CWE-401 https://github.com/torvalds/linux/commit/34b3be18a04ecdc610aae4c48e5d1b799d8689f6 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 https://usn.ubuntu.com/4208-1/https://usn.ubuntu.com/4210-1/https://security.netapp.com/advisory/ntap-20191205-0001/http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html https://usn.ubuntu.com/4226-1/https://nvd.nist.gov https://usn.ubuntu.com/4226-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-19065

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect