CVE-2019-19947
published 2019-12-24CVE-2019-19947: In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c…
medium4.6CVSS 3.1
AVPACLPRNUINSUCHINAN
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 5.4.8-1 (bookworm) | linux 5.4.8-1 (bookworm) |
| linux | linux_kernel | <= 5.4.6 | — |
| linux | linux_kernel | >= 0 < 5.4.8-1 | 5.4.8-1 |
| linux | linux_kernel | >= 0 < 5.4.8-1 | 5.4.8-1 |
| linux | linux_kernel | >= 0 < 5.4.8-1 | 5.4.8-1 |
| linux | linux_kernel | >= 0 < 5.4.8-1 | 5.4.8-1 |
| linux | linux_kernel | >= 0 < 4.4.0-186.216 | 4.4.0-186.216 |
| linux | linux_kernel | >= 0 < 4.15.0-115.116 | 4.15.0-115.116 |
| netapp | aff_baseboard_management_controller | — | — |
| netapp | e-series_santricity_os_controller | 11.0 – 11.70.2 | — |
| netapp | hci_baseboard_management_controller | — | — |
CVSS provenance
nvdv3.14.6MEDIUMCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv7.8HIGH