6.5

CVE-2019-3460

Exploit
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.83% 0.76
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 3.3 6.5 2.9
AV:A/AC:L/Au:N/C:P/I:N/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://access.redhat.com/errata/RHSA-2019:3517
Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/06/27/7
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2019/06/28/1
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2019/06/28/2
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html
Third Party Advisory
Mailing List
https://access.redhat.com/errata/RHSA-2019:2029
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2043
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html
Third Party Advisory
Mailing List
https://access.redhat.com/errata/RHSA-2019:3309
Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/06/27/2
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2019/08/12/1
Third Party Advisory
Mailing List
https://access.redhat.com/errata/RHSA-2020:0740
Third Party Advisory
https://marc.info/?l=oss-security&m=154721580222522&w=2
Patch
Third Party Advisory
Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=1663179
Third Party Advisory
Issue Tracking
Mitigation
https://git.kernel.org/linus/af3d5d1c87664a4f150fcf3534c6567cb19909b0
Patch
Vendor Advisory
https://lore.kernel.org/linux-bluetooth/20190110062917.GB15047%40kroah.com/
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3460.html
Third Party Advisory