5.1
CVE-2019-20386
- EPSS 0.43%
- Veröffentlicht 21.01.2020 06:15:11
- Zuletzt bearbeitet 09.06.2025 16:15:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Systemd Project ≫ Systemd Version < 243
Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version19.10
Fedoraproject ≫ Fedora Version30
Netapp ≫ Active Iq Unified Manager Version- SwPlatformvmware_vsphere
Netapp ≫ Cloud Backup Version-
Netapp ≫ Steelstore Cloud Integrated Storage Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.43% | 0.341 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.4 | 0.9 | 1.4 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.1 | 2.5 | 2.5 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://usn.ubuntu.com/4269-1/
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html
https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/
https://security.netapp.com/advisory/ntap-20200210-0002/