CVE-2019-15222 — NULL Pointer Dereference in Kernel

CWE-476 — NULL Pointer Dereference CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents7 sources

Severity

4.6MEDIUMNVD

EPSS

0.0%

top 94.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Opensuse Leap Debian Linux

Timeline

PublishedAug 19

Latest updateMay 24

Description

An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 0.9 | Impact: 3.6

Affected Packages3 packages

▶NVDlinux/linux_kernel< 5.2.8

▶debiandebian/linux

▶NVDopensuse/leap15.0, 15.1+1

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-mp35-57xp-m8fx: An issue was discovered in the Linux kernel before 5↗2022-05-24

▶

OSV

CVE-2019-15222: An issue was discovered in the Linux kernel before 5↗2019-08-19

▶

💥Exploits & PoCs

Exploit-DB

Ayukov NFTP client 1.71 - 'SYST' Buffer Overflow↗2019-11-04

▶

📋Vendor Advisories

Red Hat

kernel: Null pointer dereference in the sound/usb/helper.c↗2019-08-02

▶

Debian

CVE-2019-15222: linux - An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointe...↗2019

▶

💬Community

Bugzilla

CVE-2019-15222 kernel: Null pointer dereference in the sound/usb/helper.c↗2019-09-07

▶

Bugzilla

CVE-2019-15222 kernel: Null pointer dereference in the sound/usb/helper.c [fedora-all]↗2019-09-07

▶