CVE-2019-19063
First published: Mon Nov 18 2019(Updated: )
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1160.rt56.1131.el7 | 0:3.10.0-1160.rt56.1131.el7 |
| redhat/kernel | <0:3.10.0-1160.el7 | 0:3.10.0-1160.el7 |
| redhat/kernel-rt | <0:4.18.0-240.rt7.54.el8 | 0:4.18.0-240.rt7.54.el8 |
| redhat/kernel | <0:4.18.0-240.el8 | 0:4.18.0-240.el8 |
| ubuntu/linux | <4.15.0-88.88 | 4.15.0-88.88 |
| ubuntu/linux | <5.3.0-40.32 | 5.3.0-40.32 |
| ubuntu/linux | <5.5~ | 5.5~ |
| ubuntu/linux | <4.4.0-173.203 | 4.4.0-173.203 |
| ubuntu/linux-aws | <4.15.0-1060.62 | 4.15.0-1060.62 |
| ubuntu/linux-aws | <5.3.0-1011.12 | 5.3.0-1011.12 |
| ubuntu/linux-aws | <4.4.0-1061.65 | 4.4.0-1061.65 |
| ubuntu/linux-aws | <5.5~ | 5.5~ |
| ubuntu/linux-aws | <4.4.0-1101.112 | 4.4.0-1101.112 |
| ubuntu/linux-aws-5.0 | <5.0.0-1025.28 | 5.0.0-1025.28 |
| ubuntu/linux-aws-5.0 | <5.5~ | 5.5~ |
| ubuntu/linux-aws-5.3 | <5.5~ | 5.5~ |
| ubuntu/linux-aws-hwe | <5.5~ | 5.5~ |
| ubuntu/linux-aws-hwe | <4.15.0-1060.62~16.04.1 | 4.15.0-1060.62~16.04.1 |
| ubuntu/linux-azure | <5.0.0-1032.34 | 5.0.0-1032.34 |
| ubuntu/linux-azure | <5.3.0-1013.14 | 5.3.0-1013.14 |
| ubuntu/linux-azure | <4.15.0-1071.76~14.04.1 | 4.15.0-1071.76~14.04.1 |
| ubuntu/linux-azure | <5.5~ | 5.5~ |
| ubuntu/linux-azure | <4.15.0-1071.76 | 4.15.0-1071.76 |
| ubuntu/linux-azure-4.15 | <5.5~ | 5.5~ |
| ubuntu/linux-azure-5.3 | <5.3.0-1013.14~18.04.1 | 5.3.0-1013.14~18.04.1 |
| ubuntu/linux-azure-5.3 | <5.5~ | 5.5~ |
| ubuntu/linux-azure-edge | <5.5~ | 5.5~ |
| ubuntu/linux-gcp | <5.0.0-1031.32 | 5.0.0-1031.32 |
| ubuntu/linux-gcp | <5.3.0-1012.13 | 5.3.0-1012.13 |
| ubuntu/linux-gcp | <5.5~ | 5.5~ |
| ubuntu/linux-gcp | <4.15.0-1055.59 | 4.15.0-1055.59 |
| ubuntu/linux-gcp-4.15 | <5.5~ | 5.5~ |
| ubuntu/linux-gcp-5.3 | <5.3.0-1012.13~18.04.1 | 5.3.0-1012.13~18.04.1 |
| ubuntu/linux-gcp-5.3 | <5.5~ | 5.5~ |
| ubuntu/linux-gcp-edge | <5.5~ | 5.5~ |
| ubuntu/linux-gke-4.15 | <4.15.0-1052.55 | 4.15.0-1052.55 |
| ubuntu/linux-gke-4.15 | <5.5~ | 5.5~ |
| ubuntu/linux-gke-5.0 | <5.0.0-1030.31 | 5.0.0-1030.31 |
| ubuntu/linux-gke-5.0 | <5.5~ | 5.5~ |
| ubuntu/linux-gke-5.3 | <5.3.0-1012.13~18.04.1 | 5.3.0-1012.13~18.04.1 |
| ubuntu/linux-gke-5.3 | <5.5~ | 5.5~ |
| ubuntu/linux-hwe | <5.3.0-40.32~18.04.1 | 5.3.0-40.32~18.04.1 |
| ubuntu/linux-hwe | <5.5~ | 5.5~ |
| ubuntu/linux-hwe | <4.15.0-88.88~16.04.1 | 4.15.0-88.88~16.04.1 |
| ubuntu/linux-hwe-edge | <5.5~ | 5.5~ |
| ubuntu/linux-kvm | <4.15.0-1053.53 | 4.15.0-1053.53 |
| ubuntu/linux-kvm | <5.3.0-1010.11 | 5.3.0-1010.11 |
| ubuntu/linux-kvm | <5.5~ | 5.5~ |
| ubuntu/linux-kvm | <4.4.0-1065.72 | 4.4.0-1065.72 |
| ubuntu/linux-lts-trusty | <5.5~ | 5.5~ |
| ubuntu/linux-lts-xenial | <4.4.0-173.203~14.04.1 | 4.4.0-173.203~14.04.1 |
| ubuntu/linux-lts-xenial | <5.5~ | 5.5~ |
| ubuntu/linux-oem | <4.15.0-1073.83 | 4.15.0-1073.83 |
| ubuntu/linux-oem | <5.5~ | 5.5~ |
| ubuntu/linux-oem-5.6 | <5.5~ | 5.5~ |
| ubuntu/linux-oem-osp1 | <5.0.0-1039.44 | 5.0.0-1039.44 |
| ubuntu/linux-oem-osp1 | <5.5~ | 5.5~ |
| ubuntu/linux-oracle | <4.15.0-1033.36 | 4.15.0-1033.36 |
| ubuntu/linux-oracle | <5.3.0-1009.10 | 5.3.0-1009.10 |
| ubuntu/linux-oracle | <5.5~ | 5.5~ |
| ubuntu/linux-oracle | <4.15.0-1033.36~16.04.1 | 4.15.0-1033.36~16.04.1 |
| ubuntu/linux-oracle-5.0 | <5.0.0-1011.16 | 5.0.0-1011.16 |
| ubuntu/linux-oracle-5.0 | <5.5~ | 5.5~ |
| ubuntu/linux-oracle-5.3 | <5.5~ | 5.5~ |
| ubuntu/linux-raspi | <5.5~ | 5.5~ |
| ubuntu/linux-raspi2 | <4.15.0-1055.59 | 4.15.0-1055.59 |
| ubuntu/linux-raspi2 | <5.3.0-1018.20 | 5.3.0-1018.20 |
| ubuntu/linux-raspi2 | <5.5~ | 5.5~ |
| ubuntu/linux-raspi2 | <4.4.0-1128.137 | 4.4.0-1128.137 |
| ubuntu/linux-raspi2-5.3 | <5.3.0-1018.20~18.04.1 | 5.3.0-1018.20~18.04.1 |
| ubuntu/linux-raspi2-5.3 | <5.5~ | 5.5~ |
| ubuntu/linux-riscv | <5.5~ | 5.5~ |
| ubuntu/linux-snapdragon | <4.15.0-1072.79 | 4.15.0-1072.79 |
| ubuntu/linux-snapdragon | <5.5~ | 5.5~ |
| ubuntu/linux-snapdragon | <4.4.0-1132.140 | 4.4.0-1132.140 |
| Linux Linux kernel | <=5.3.11 | |
| Oracle SD-WAN Edge | =8.2 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Canonical Ubuntu Linux | =19.10 | |
| Fedoraproject Fedora | =30 | |
| Fedoraproject Fedora | =31 | |
| openSUSE Leap | =15.1 | |
| Netapp Active Iq Unified Manager Vmware Vsphere | ||
| Netapp Aff Baseboard Management Controller | ||
| Netapp Cloud Backup | ||
| Netapp Data Availability Services | ||
| NetApp E-Series SANtricity OS Controller | =11.0 | |
| NetApp E-Series SANtricity OS Controller | =11.0.0 | |
| NetApp E-Series SANtricity OS Controller | =11.20 | |
| NetApp E-Series SANtricity OS Controller | =11.25 | |
| NetApp E-Series SANtricity OS Controller | =11.30 | |
| NetApp E-Series SANtricity OS Controller | =11.30.5r3 | |
| NetApp E-Series SANtricity OS Controller | =11.40 | |
| NetApp E-Series SANtricity OS Controller | =11.40.3r2 | |
| NetApp E-Series SANtricity OS Controller | =11.40.5 | |
| NetApp E-Series SANtricity OS Controller | =11.50.1 | |
| NetApp E-Series SANtricity OS Controller | =11.50.2 | |
| NetApp E-Series SANtricity OS Controller | =11.50.2-p1 | |
| NetApp E-Series SANtricity OS Controller | =11.60 | |
| NetApp E-Series SANtricity OS Controller | =11.60.0 | |
| NetApp E-Series SANtricity OS Controller | =11.60.1 | |
| NetApp E-Series SANtricity OS Controller | =11.60.3 | |
| NetApp E-Series SANtricity OS Controller | =11.70.1 | |
| NetApp E-Series SANtricity OS Controller | =11.70.2 | |
| Netapp Fas\/aff Baseboard Management Controller | ||
| Netapp Hci Baseboard Management Controller | =h610s | |
| Netapp Solidfire\, Enterprise Sds \& Hci Storage Node | ||
| Netapp Solidfire \& Hci Management Node | ||
| Netapp Steelstore Cloud Integrated Storage | ||
| Broadcom Brocade Fabric Operating System Firmware | ||
| All of | ||
| Netapp Hci Compute Node Firmware | ||
| Netapp Hci Compute Node | ||
| All of | ||
| Netapp Solidfire Baseboard Management Controller Firmware | ||
| Netapp Solidfire Baseboard Management Controller | ||
| Netapp Hci Compute Node Firmware | ||
| Netapp Hci Compute Node | ||
| Netapp Solidfire Baseboard Management Controller Firmware | ||
| Netapp Solidfire Baseboard Management Controller | ||
| debian/linux | 4.19.249-2 4.19.304-1 5.10.209-2 5.10.216-1 6.1.76-1 6.1.90-1 6.7.12-1 6.8.9-1 |
Remedy
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module rtl8192cu. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2019-19063 https://nvd.nist.gov/vuln/detail/CVE-2019-19063
- https://bugzilla.redhat.com/show_bug.cgi?id=1775015
- https://access.redhat.com/errata/RHSA-2020:4062
- https://access.redhat.com/errata/RHSA-2020:4060
- https://access.redhat.com/errata/RHSA-2020:4609
- https://access.redhat.com/errata/RHSA-2020:4431
- https://access.redhat.com/security/cve/cve-2019-19063
- https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/
- https://security.netapp.com/advisory/ntap-20191205-0001/
- http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html
- https://seclists.org/bugtraq/2020/Jan/10
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://usn.ubuntu.com/4254-1/
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4285-1/
- https://usn.ubuntu.com/4287-1/
- https://usn.ubuntu.com/4284-1/
- https://usn.ubuntu.com/4287-2/
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://launchpad.net/bugs/cve/CVE-2019-19063
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1775016
- https://access.redhat.com/solutions/41278
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/
- https://security-tracker.debian.org/tracker/CVE-2019-19063
- https://ubuntu.com/security/notices/USN-4254-1
- https://ubuntu.com/security/notices/USN-4254-2
- https://ubuntu.com/security/notices/USN-4284-1
- https://ubuntu.com/security/notices/USN-4285-1
- https://ubuntu.com/security/notices/USN-4287-1
- https://ubuntu.com/security/notices/USN-4287-2
- https://www.cve.org/CVERecord?id=CVE-2019-19063
- https://nvd.nist.gov/vuln/detail/CVE-2019-19063
- https://git.kernel.org/linus/a7959c1394d4126a70a53b914ce4105f5173d0aa
- https://git.kernel.org/linus/3f93616951138a598d930dcaec40f2bfd9ce43bb
- https://ubuntu.com/security/CVE-2019-19063
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-19063
- agent/author
- agent/severity
- agent/remedy
- agent/weakness
- agent/description
- agent/event
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- agent/references
- collector/security-tracker-debian
- source/Debian
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- package-manager/redhat
- package-manager/ubuntu
- package-manager/debian
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/5.3.11
- vendor/oracle
- canonical/oracle sd-wan edge
- version/oracle sd-wan edge/8.2
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- version/canonical ubuntu linux/19.10
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/30
- version/fedoraproject fedora/31
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.1
- vendor/netapp
- canonical/netapp active iq unified manager vmware vsphere
- canonical/netapp aff baseboard management controller
- canonical/netapp cloud backup
- canonical/netapp data availability services
- canonical/netapp e-series santricity os controller
- version/netapp e-series santricity os controller/11.0
- version/netapp e-series santricity os controller/11.0.0
- version/netapp e-series santricity os controller/11.20
- version/netapp e-series santricity os controller/11.25
- version/netapp e-series santricity os controller/11.30
- version/netapp e-series santricity os controller/11.30.5r3
- version/netapp e-series santricity os controller/11.40
- version/netapp e-series santricity os controller/11.40.3r2
- version/netapp e-series santricity os controller/11.40.5
- version/netapp e-series santricity os controller/11.50.1
- version/netapp e-series santricity os controller/11.50.2
- version/netapp e-series santricity os controller/11.50.2-p1
- version/netapp e-series santricity os controller/11.60
- version/netapp e-series santricity os controller/11.60.0
- version/netapp e-series santricity os controller/11.60.1
- version/netapp e-series santricity os controller/11.60.3
- version/netapp e-series santricity os controller/11.70.1
- version/netapp e-series santricity os controller/11.70.2
- canonical/netapp fas\/aff baseboard management controller
- canonical/netapp hci baseboard management controller
- version/netapp hci baseboard management controller/h610s
- canonical/netapp solidfire\, enterprise sds \& hci storage node
- canonical/netapp solidfire \& hci management node
- canonical/netapp steelstore cloud integrated storage
- vendor/broadcom
- canonical/broadcom brocade fabric operating system firmware
- canonical/netapp hci compute node firmware
- canonical/netapp hci compute node
- canonical/netapp solidfire baseboard management controller firmware
- canonical/netapp solidfire baseboard management controller