2.4

CVE-2019-19534

In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.3.11
DebianDebian Linux Version8.0
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version16.04 SwEditionesm
CanonicalUbuntu Linux Version18.04 SwEditionlts
CanonicalUbuntu Linux Version19.04
CanonicalUbuntu Linux Version19.10
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.51% 0.395
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.4 0.9 1.4
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-909 Missing Initialization of Resource

The product does not initialize a critical resource.

https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html
Third Party Advisory
Mailing List
https://usn.ubuntu.com/4225-1/
Third Party Advisory
https://usn.ubuntu.com/4225-2/
Third Party Advisory
https://usn.ubuntu.com/4226-1/
Third Party Advisory
https://usn.ubuntu.com/4227-1/
Third Party Advisory
https://usn.ubuntu.com/4227-2/
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11
Vendor Advisory
Mailing List
https://usn.ubuntu.com/4228-1/
Third Party Advisory
https://usn.ubuntu.com/4228-2/
Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/12/03/4
Third Party Advisory
Mailing List
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f7a1337f0d29b98733c8824e165fca3371d7d4fd
Patch
Vendor Advisory