CVE-2019-19462NULL Pointer Dereference in Kernel

CWE-476NULL Pointer Dereference15 documents8 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 71.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Linux KernelCanonical Ubuntu LinuxDebian Linux+2 more
Timeline
PublishedNov 30
Latest updateMay 24

Description

relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

Debianlinux/linux_kernel< 5.6.14-2+3
Ubuntulinux/linux_kernel< 4.4.0-184.214+2
NVDopensuse/leap15.1, 15.2+1

Also affects: Debian Linux 10.0, 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 20.04

Patches

Patch: syzkaller-ppc64.appspot.comPatch: syzkaller-ppc64.appspot.comPatch: syzkaller-ppc64.appspot.com

🔴Vulnerability Details

6
GHSA
GHSA-87g6-m6v4-rm4w: relay_open in kernel/relay2022-05-24
OSV
linux-hwe, linux-aws-5.3, linux-azure-5.3, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-oracle-5.3, linux-raspi2-5.3 vulnerabilities2020-07-31
OSV
Kernel Live Patch Security Notice2020-07-27
OSV
linux, linux-aws, linux-azure, linux-azure-5.4, linux-gcp, linux-hwe-5.4, linux-kvm, linux-oracle, linux-raspi, linux-raspi-5.4, linux-riscv vulnerabilities2020-07-27
OSV
CVE-2019-19462: relay_open in kernel/relay2019-11-30

📋Vendor Advisories

6
Ubuntu
linux kernel vulnerabilities2020-07-31
Ubuntu
Linux kernel vulnerabilities2020-07-27
Ubuntu
Linux kernel vulnerabilities2020-07-27
Ubuntu
Linux kernel vulnerabilities2020-07-06
Red Hat
kernel: NULL pointer dereference in relay_open in kernel/relay.c2019-11-29

💬Community

2
Bugzilla
CVE-2019-19462 kernel: NULL pointer dereference in relay_open in kernel/relay.c [fedora-all]2019-12-10
Bugzilla
CVE-2019-19462 kernel: NULL pointer dereference in relay_open in kernel/relay.c2019-12-10
CVE-2019-19462 — NULL Pointer Dereference in Kernel | cvebase