CVE-2019-19050
published 2019-11-18CVE-2019-19050: A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | linux | < linux 5.4.6-1 (bookworm) | linux 5.4.6-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.4.6-1 | 5.4.6-1 |
| linux | linux_kernel | >= 0 < 5.4.6-1 | 5.4.6-1 |
| linux | linux_kernel | >= 0 < 5.4.6-1 | 5.4.6-1 |
| linux | linux_kernel | >= 0 < 5.4.6-1 | 5.4.6-1 |
| linux | linux_kernel | >= 4.20 < 5.3.16 | 5.3.16 |
| linux | linux_kernel | >= 5.4 < 5.4.3 | 5.4.3 |
| netapp | e-series_santricity_os_controller | 11.0.0 – 11.60.3 | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH