Vulnerability-Lookup

BDU:2019-04665

Vulnerability from fstec - Published: 11.09.2019

Title

Уязвимость функции i2400m_op_rfkill_sw_toggle() (drivers/net/wimax/i2400m/op-rfkill.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции i2400m_op_rfkill_sw_toggle() (drivers/net/wimax/i2400m/op-rfkill.c) ядра операционной системы Linux связана с неконтролируемым расходом ресурсов. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения, АО «Концерн ВНИИНС»

Software Name

Linux, ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

от 4.5 до 4.9.210 включительно (Linux), от 4.10 до 4.14.165 включительно (Linux), до 16.01.2023 (ОС ОН «Стрелец»), от 4.20 до 5.3.10 включительно (Linux), от 4.15 до 4.19.111 включительно (Linux), от 2.6.29 до 4.4.210 включительно (Linux)

Possible Mitigations

Использование рекомендаций: Для Linux: https://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.166 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.112 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.211 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.211 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11 Для ОС ОН «Стрелец»: Обновление программного обеспечения linux до версии 5.4.123-1~bpo10+1.osnova162.strelets

Reference

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19051 https://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.166 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.112 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.211 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.211 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://nvd.nist.gov/vuln/detail/CVE-2019-19051 https://security.netapp.com/advisory/ntap-20191205-0001/ https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023 https://ubuntu.com/security/notices/USN-4225-1 https://ubuntu.com/security/notices/USN-4225-2 https://ubuntu.com/security/notices/USN-4286-1 https://ubuntu.com/security/notices/USN-4286-2 https://ubuntu.com/security/notices/USN-4302-1 https://ubuntu.com/security/notices/USN-4344-1 https://usn.ubuntu.com/4225-1/ https://usn.ubuntu.com/4225-2/ https://usn.ubuntu.com/4286-1/ https://usn.ubuntu.com/4286-2/ https://usn.ubuntu.com/4302-1/ https://usn.ubuntu.com/4344-1/ https://usn.ubuntu.com/usn/usn-4225-1 https://usn.ubuntu.com/usn/usn-4225-2 https://usn.ubuntu.com/usn/usn-4286-1 https://usn.ubuntu.com/usn/usn-4286-2 https://usn.ubuntu.com/usn/usn-4302-1 https://usn.ubuntu.com/usn/usn-4344-1 https://www.cve.org/CVERecord?id=CVE-2019-19051

CWE

CWE-400, CWE-401

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 4.5 \u0434\u043e 4.9.210 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.10 \u0434\u043e 4.14.165 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb), \u043e\u0442 4.20 \u0434\u043e 5.3.10 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.111 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 2.6.29 \u0434\u043e 4.4.210 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.166\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.112\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.211\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.211\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f linux \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5.4.123-1~bpo10+1.osnova162.strelets",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.09.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "03.12.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.12.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-04665",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-19051",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux, \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u0434\u043e 5.3.11 , \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 i2400m_op_rfkill_sw_toggle() (drivers/net/wimax/i2400m/op-rfkill.c) \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0440\u0430\u0441\u0445\u043e\u0434 \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (\u00ab\u0418\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u00bb) (CWE-400), \u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb) (CWE-401)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 i2400m_op_rfkill_sw_toggle() (drivers/net/wimax/i2400m/op-rfkill.c) \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19051\nhttps://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.166\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.112\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.211\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.211\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11\nhttps://lists.debian.org/debian-lts-announce/2020/01/msg00013.html\nhttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.html\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-19051\nhttps://security.netapp.com/advisory/ntap-20191205-0001/\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://ubuntu.com/security/notices/USN-4225-1\nhttps://ubuntu.com/security/notices/USN-4225-2\nhttps://ubuntu.com/security/notices/USN-4286-1\nhttps://ubuntu.com/security/notices/USN-4286-2\nhttps://ubuntu.com/security/notices/USN-4302-1\nhttps://ubuntu.com/security/notices/USN-4344-1\nhttps://usn.ubuntu.com/4225-1/\nhttps://usn.ubuntu.com/4225-2/\nhttps://usn.ubuntu.com/4286-1/\nhttps://usn.ubuntu.com/4286-2/\nhttps://usn.ubuntu.com/4302-1/\nhttps://usn.ubuntu.com/4344-1/\nhttps://usn.ubuntu.com/usn/usn-4225-1\nhttps://usn.ubuntu.com/usn/usn-4225-2\nhttps://usn.ubuntu.com/usn/usn-4286-1\nhttps://usn.ubuntu.com/usn/usn-4286-2\nhttps://usn.ubuntu.com/usn/usn-4302-1\nhttps://usn.ubuntu.com/usn/usn-4344-1\nhttps://www.cve.org/CVERecord?id=CVE-2019-19051",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-400, CWE-401",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,9)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)\n\u041d\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 0)"
}

CVE-2019-19051 (GCVE-0-2019-19051)

Vulnerability from cvelistv5 – Published: 2019-11-18 05:23 – Updated: 2024-08-05 02:09

Summary

A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://cdn.kernel.org/pub/linux/kernel/v5.x/Chan…	x_refsource_MISC
	https://github.com/torvalds/linux/commit/6f3ef5c2…	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-2019120…	x_refsource_CONFIRM
	https://usn.ubuntu.com/4225-1/	vendor-advisoryx_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://usn.ubuntu.com/4225-2/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4286-2/	vendor-advisoryx_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://usn.ubuntu.com/4286-1/	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://usn.ubuntu.com/4302-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4344-1/	vendor-advisoryx_refsource_UBUNTU

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:09:38.334Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20191205-0001/"
          },
          {
            "name": "USN-4225-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4225-1/"
          },
          {
            "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
          },
          {
            "name": "USN-4225-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4225-2/"
          },
          {
            "name": "USN-4286-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4286-2/"
          },
          {
            "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
          },
          {
            "name": "USN-4286-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4286-1/"
          },
          {
            "name": "openSUSE-SU-2020:0336",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
          },
          {
            "name": "USN-4302-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4302-1/"
          },
          {
            "name": "USN-4344-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4344-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-01T19:06:07.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20191205-0001/"
        },
        {
          "name": "USN-4225-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4225-1/"
        },
        {
          "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
        },
        {
          "name": "USN-4225-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4225-2/"
        },
        {
          "name": "USN-4286-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4286-2/"
        },
        {
          "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
        },
        {
          "name": "USN-4286-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4286-1/"
        },
        {
          "name": "openSUSE-SU-2020:0336",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
        },
        {
          "name": "USN-4302-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4302-1/"
        },
        {
          "name": "USN-4344-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4344-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19051",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/6f3ef5c25cc762687a7341c18cbea5af54461407"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20191205-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20191205-0001/"
            },
            {
              "name": "USN-4225-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4225-1/"
            },
            {
              "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
            },
            {
              "name": "USN-4225-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4225-2/"
            },
            {
              "name": "USN-4286-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4286-2/"
            },
            {
              "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
            },
            {
              "name": "USN-4286-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4286-1/"
            },
            {
              "name": "openSUSE-SU-2020:0336",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
            },
            {
              "name": "USN-4302-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4302-1/"
            },
            {
              "name": "USN-4344-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4344-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19051",
    "datePublished": "2019-11-18T05:23:49.000Z",
    "dateReserved": "2019-11-18T00:00:00.000Z",
    "dateUpdated": "2024-08-05T02:09:38.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2019-04665

CVE-2019-19051 (GCVE-0-2019-19051)

Tags

Sightings

Nomenclature