CVE-2019-15223 — NULL Pointer Dereference in Kernel

CWE-476 — NULL Pointer Dereference CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer9 documents7 sources

Severity

4.6MEDIUMNVD

OSV7.4

EPSS

0.1%

top 81.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Canonical Ubuntu Linux Debian Linux

Timeline

PublishedAug 19

Latest updateMay 24

Description

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 0.9 | Impact: 3.6

Affected Packages2 packages

▶NVDlinux/linux_kernel< 5.1.8

▶debiandebian/linux

Also affects: Ubuntu Linux 18.04, 19.04

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-47hc-xmv3-cfv3: An issue was discovered in the Linux kernel before 5↗2022-05-24

▶

OSV

linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities↗2019-10-04

▶

OSV

CVE-2019-15223: An issue was discovered in the Linux kernel before 5↗2019-08-19

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2019-10-04

▶

Red Hat

kernel: Null pointer dereference in the sound/usb/line6/driver.c↗2019-08-02

▶

Debian

CVE-2019-15223: linux - An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointe...↗2019

▶

💬Community

Bugzilla

CVE-2019-15223 kernel: Null pointer dereference in the sound/usb/line6/driver.c↗2019-09-07

▶

Bugzilla

CVE-2019-15223 kernel: Null pointer dereference in the sound/usb/line6/driver.c [fedora-all]↗2019-09-07

▶