CVE-2019-19057 — Missing Release of Memory after Effective Lifetime in Kernel
Severity
3.3LOWNVD
EPSS
0.1%
top 74.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 18
Latest updateMay 24
Description
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4
Affected Packages5 packages
Also affects: Debian Linux 8.0, Ubuntu Linux 14.04, 16.04, 18.04, 19.10, Fedora 30, 31
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-qcvw-pg56-ghf2: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie↗2022-05-24
OSV▶
CVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie↗2019-11-18
CVEList▶
CVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie↗2019-11-18
📋Vendor Advisories
8💬Community
2Bugzilla▶
CVE-2019-19057 kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS↗2019-11-21
Bugzilla▶
CVE-2019-19057 kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS [fedora-all]↗2019-11-21