First published: Mon Aug 19 2019(Updated: )
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Android | ||
Linux Kernel | <5.2.1 | |
NetApp H410C | ||
NetApp H410C Firmware | ||
NetApp Active IQ Unified Manager for VMware vSphere | ||
NetApp Data Availability Services | ||
NetApp SolidFire & HCI Management Node | ||
NetApp SolidFire | ||
Ubuntu | =14.04 | |
Ubuntu | =16.04 | |
Ubuntu | =18.04 | |
Ubuntu | =19.04 | |
Debian Linux | =8.0 | |
SUSE Linux | =15.0 | |
SUSE Linux | =15.1 | |
All of | ||
NetApp H410C | ||
NetApp H410C Firmware | ||
NetApp Baseboard Management Controller H410C | ||
NetApp Baseboard Management Controller H410C Firmware | ||
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-15220 has a high severity rating due to the potential for remote code execution from a malicious USB device.
To fix CVE-2019-15220, upgrade your Linux kernel to version 5.2.1 or later.
CVE-2019-15220 affects Linux kernel versions prior to 5.2.1.
Yes, CVE-2019-15220 may impact certain versions of Android that utilize the affected Linux kernel.
If an immediate upgrade is not possible, consider implementing strict USB device policies to mitigate potential exploitation of CVE-2019-15220.