First published: Mon Jun 03 2019(Updated: )
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | >=2.6.12.1<4.14.130 | |
Linux Linux kernel | >=4.19<4.19.56 | |
Linux Linux kernel | >=5.1<5.1.15 | |
Linux Linux kernel | =2.6.12-rc2 | |
Linux Linux kernel | =2.6.12-rc3 | |
Linux Linux kernel | =2.6.12-rc4 | |
Linux Linux kernel | =2.6.12-rc5 | |
Linux Linux kernel | =2.6.12-rc6 | |
Linux Linux kernel | =5.2-rc1 | |
Linux Linux kernel | =5.2-rc2 | |
Linux Linux kernel | =5.2-rc3 | |
Linux Linux kernel | =5.2-rc4 | |
Netapp Aff A700s Firmware | ||
NetApp AFF A700s | ||
Netapp Active Iq Unified Manager Vmware Vsphere | >=9.5 | |
Netapp Hci Management Node | ||
Netapp Solidfire | ||
Netapp Cn1610 Firmware | ||
Netapp Cn1610 | ||
Netapp H610s Firmware | ||
Netapp H610s |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-12615 is a vulnerability in the Linux kernel that allows an attacker to cause a denial of service (NULL pointer dereference and system crash).
CVE-2019-12615 has a severity rating of 7.5, which is considered high.
CVE-2019-12615 affects the Linux kernel versions 2.6.12.1 to 4.14.130, 4.19 to 4.19.56, and 5.1 to 5.1.15.
To fix CVE-2019-12615, you should update your Linux kernel to a version that is not vulnerable.
You can find more information about CVE-2019-12615 on the following websites: http://www.securityfocus.com/bid/108549, https://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc.git/commit/?id=80caf43549e7e41a695c6d1e11066286538b336f, and https://security.netapp.com/advisory/ntap-20190710-0002/