CVE-2019-16231NULL Pointer Dereference in Ubuntu Linux

CWE-476NULL Pointer Dereference20 documents7 sources
Severity
4.1MEDIUMNVD
OSV9.8OSV8.8OSV5.5
EPSS
0.0%
top 94.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Linux KernelCanonical Ubuntu LinuxOpensuse Leap+2 more
Timeline
PublishedSep 11
Latest updateMay 24

Description

drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.5 | Impact: 3.6

Affected Packages4 packages

Ubuntulinux/linux_kernel< 4.4.0-208.240+1
NVDlinux/linux_kernel5.2.14
debiandebian/linux
NVDopensuse/leap15.0, 15.1+1

Also affects: Ubuntu Linux 14.04, 16.04, 18.04, 19.04, 19.10, Enterprise Linux 7.0, 8.0

Patches

Patch: lkml.orgPatch: lkml.org

🔴Vulnerability Details

8
GHSA
GHSA-586m-p64v-cchj: drivers/net/fjes/fjes_main2022-05-24
OSV
linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities2021-04-13
OSV
linux-hwe vulnerabilities2020-01-18
OSV
linux-azure vulnerabilities2020-01-07
OSV
linux, linux-aws, linux-aws-5.0, linux-azure, linux-gcp, linux-gke-5.0, linux-kvm, linux-oem-osp1, linux-oracle, linux-oracle-5.0, linux-raspi2 vulnerabilities2020-01-07

📋Vendor Advisories

8
Ubuntu
Linux kernel vulnerabilities2021-04-13
Ubuntu
Linux kernel (HWE) vulnerabilities2020-01-18
Ubuntu
Linux kernel vulnerabilities2020-01-07
Ubuntu
Linux kernel vulnerabilities2020-01-07
Ubuntu
Linux kernel (Azure) vulnerabilities2020-01-07

💬Community

3
Bugzilla
CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c [fedora-all]2019-10-10
Bugzilla
CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c2019-10-10
Bugzilla
CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c [fedora-all]2019-10-10