CVE-2019-19069

First published: Mon Nov 18 2019(Updated: )

A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Linux Kernel	>=5.1<5.3.9
Linux Kernel	=5.4-rc1
Linux Kernel	=5.4-rc2
Linux Kernel	=5.4-rc3
Ubuntu	=18.04
Ubuntu	=19.10
NetApp Active IQ Unified Manager for VMware vSphere
NetApp Data Availability Services
NetApp E-Series SANtricity OS Controller	>=11.0.0<=11.60.3
NetApp SolidFire & HCI Management Node
NetApp SolidFire & HCI Storage Node
NetApp SteelStore Cloud Integrated Storage
NetApp HCI Compute Node
NetApp HCI Storage Nodes
Broadcom Fabric Operating System
All of
NetApp A700 Firmware
NetApp AFF A700s Firmware
All of
NetApp FAS8300
NetApp FAS8300 Firmware
All of
NetApp FAS 8700
NetApp FAS8700 Firmware
All of
NetApp AFF A400
NetApp AFF A400
All of
NetApp HCI H610S Firmware
NetApp H610S Firmware
NetApp A700 Firmware
NetApp AFF A700s Firmware
NetApp FAS8300
NetApp FAS8300 Firmware
NetApp FAS 8700
NetApp FAS8700 Firmware
NetApp AFF A400
NetApp AFF A400
NetApp HCI H610S Firmware
NetApp H610S Firmware
debian/linux		5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1

Remedy

https://github.com/torvalds/linux/commit/fc739a058d99c9297ef6bfd923b809d85855b9a9

Never miss a vulnerability like this again

Reference Links

agent/type
collector/launchpad-cve
source/Launchpad
agent/severity
agent/weakness
collector/mitre-cve
source/MITRE
agent/references
agent/remedy
agent/first-publish-date
collector/usn-cve
source/Ubuntu
agent/description
agent/trending
agent/last-modified-date
agent/source
agent/author
agent/softwarecombine
agent/tags
agent/event
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
package-manager/debian
vendor/linux
canonical/linux kernel
version/linux kernel/5.1
version/linux kernel/5.4-rc1
version/linux kernel/5.4-rc2
version/linux kernel/5.4-rc3
vendor/canonical
canonical/ubuntu
version/ubuntu/18.04
version/ubuntu/19.10
vendor/netapp
canonical/netapp active iq unified manager for vmware vsphere
canonical/netapp data availability services
canonical/netapp e-series santricity os controller
version/netapp e-series santricity os controller/11.0.0
version/netapp e-series santricity os controller/11.60.3
canonical/netapp solidfire & hci management node
canonical/netapp solidfire & hci storage node
canonical/netapp steelstore cloud integrated storage
canonical/netapp hci compute node
canonical/netapp hci storage nodes
vendor/broadcom
canonical/broadcom fabric operating system
canonical/netapp a700 firmware
canonical/netapp aff a700s firmware
canonical/netapp fas8300
canonical/netapp fas8300 firmware
canonical/netapp fas 8700
canonical/netapp fas8700 firmware
canonical/netapp aff a400
canonical/netapp hci h610s firmware
canonical/netapp h610s firmware

CVE-2019-19069

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact