In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2019/12/03/4 | Mailing List Third Party Advisory |
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 | Vendor Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6af3aa57a0984e061f61308fe181a9a12359fecc | Patch Vendor Advisory |
https://usn.ubuntu.com/4226-1/ | Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2019/12/03/4 | Mailing List Third Party Advisory |
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 | Vendor Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6af3aa57a0984e061f61308fe181a9a12359fecc | Patch Vendor Advisory |
https://usn.ubuntu.com/4226-1/ | Third Party Advisory |
Configurations
History
21 Nov 2024, 04:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html - Mailing List, Third Party Advisory | |
References | () http://www.openwall.com/lists/oss-security/2019/12/03/4 - Mailing List, Third Party Advisory | |
References | () https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 - Vendor Advisory | |
References | () https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6af3aa57a0984e061f61308fe181a9a12359fecc - Patch, Vendor Advisory | |
References | () https://usn.ubuntu.com/4226-1/ - Third Party Advisory |
Information
Published : 2019-12-03 16:15
Updated : 2024-11-21 04:34
NVD link : CVE-2019-19526
Mitre link : CVE-2019-19526
CVE.ORG link : CVE-2019-19526
JSON object : View
Products Affected
opensuse
- leap
canonical
- ubuntu_linux
linux
- linux_kernel
CWE
CWE-416
Use After Free