CVE-2019-15213 — Use After Free in Kernel

CWE-416 — Use After Free7 documents6 sources

Severity

4.6MEDIUMNVD

EPSS

0.2%

top 60.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Opensuse Leap Debian Linux

Timeline

PublishedAug 19

Latest updateMay 24

Description

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 0.9 | Impact: 3.6

Affected Packages3 packages

▶NVDlinux/linux_kernel< 5.2.3

▶debiandebian/linux

▶NVDopensuse/leap15.1

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-55pq-996w-pmwq: An issue was discovered in the Linux kernel before 5↗2022-05-24

▶

OSV

CVE-2019-15213: An issue was discovered in the Linux kernel before 5↗2019-08-19

▶

📋Vendor Advisories

Red Hat

kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c↗2019-08-19

▶

Debian

CVE-2019-15213: linux - An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-f...↗2019

▶

💬Community

Bugzilla

CVE-2019-15213 kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c↗2019-08-20

▶

Bugzilla

CVE-2019-15213 kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c [fedora-all]↗2019-08-20

▶