CVE-2019-15217

An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/20/2 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/22/2 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/22/3 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/22/4 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/22/5 Mailing List Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 Release Notes
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d2e73a5f80a5b5aff3caf1ec6d39b5b3f54b26e Patch
https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20190905-0002/ Third Party Advisory
https://syzkaller.appspot.com/bug?id=9c0c178c24d828a7378f483309001329750aad64 Exploit Third Party Advisory
https://usn.ubuntu.com/4147-1/ Third Party Advisory
https://usn.ubuntu.com/4286-1/ Third Party Advisory
https://usn.ubuntu.com/4286-2/ Third Party Advisory
https://usn.ubuntu.com/4302-1/ Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/20/2 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/22/2 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/22/3 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/22/4 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/22/5 Mailing List Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 Release Notes
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d2e73a5f80a5b5aff3caf1ec6d39b5b3f54b26e Patch
https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20190905-0002/ Third Party Advisory
https://syzkaller.appspot.com/bug?id=9c0c178c24d828a7378f483309001329750aad64 Exploit Third Party Advisory
https://usn.ubuntu.com/4147-1/ Third Party Advisory
https://usn.ubuntu.com/4286-1/ Third Party Advisory
https://usn.ubuntu.com/4286-2/ Third Party Advisory
https://usn.ubuntu.com/4302-1/ Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

History

21 Nov 2024, 04:28

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html - Mailing List, Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html - Mailing List, Third Party Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html - Mailing List, Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2019/08/20/2 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2019/08/20/2 - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2019/08/22/2 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2019/08/22/2 - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2019/08/22/3 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2019/08/22/3 - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2019/08/22/4 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2019/08/22/4 - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2019/08/22/5 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2019/08/22/5 - Mailing List, Third Party Advisory
References () https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 - Release Notes () https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 - Release Notes
References () https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d2e73a5f80a5b5aff3caf1ec6d39b5b3f54b26e - Patch () https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d2e73a5f80a5b5aff3caf1ec6d39b5b3f54b26e - Patch
References () https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html - Mailing List, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html - Mailing List, Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20190905-0002/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20190905-0002/ - Third Party Advisory
References () https://syzkaller.appspot.com/bug?id=9c0c178c24d828a7378f483309001329750aad64 - Exploit, Third Party Advisory () https://syzkaller.appspot.com/bug?id=9c0c178c24d828a7378f483309001329750aad64 - Exploit, Third Party Advisory
References () https://usn.ubuntu.com/4147-1/ - Third Party Advisory () https://usn.ubuntu.com/4147-1/ - Third Party Advisory
References () https://usn.ubuntu.com/4286-1/ - Third Party Advisory () https://usn.ubuntu.com/4286-1/ - Third Party Advisory
References () https://usn.ubuntu.com/4286-2/ - Third Party Advisory () https://usn.ubuntu.com/4286-2/ - Third Party Advisory
References () https://usn.ubuntu.com/4302-1/ - Third Party Advisory () https://usn.ubuntu.com/4302-1/ - Third Party Advisory

09 Nov 2023, 14:44

Type Values Removed Values Added
First Time Netapp h410c
Netapp h410c Firmware
CPE cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

Information

Published : 2019-08-19 22:15

Updated : 2024-11-21 04:28


NVD link : CVE-2019-15217

Mitre link : CVE-2019-15217

CVE.ORG link : CVE-2019-15217


JSON object : View

Products Affected

netapp

  • solidfire_\&_hci_management_node
  • solidfire_baseboard_management_controller
  • h410c_firmware
  • h410c
  • data_availability_services
  • active_iq_unified_manager

canonical

  • ubuntu_linux

opensuse

  • leap

linux

  • linux_kernel

debian

  • debian_linux
CWE
CWE-476

NULL Pointer Dereference