First published: Wed Dec 25 2019(Updated: )
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <5.1.6 | |
Debian Debian Linux | =8.0 | |
openSUSE Leap | =15.1 | |
Netapp Active Iq Unified Manager Vmware Vsphere | ||
Netapp Cloud Backup | ||
Netapp Data Availability Services | ||
NetApp E-Series SANtricity OS Controller | >=11.0<=11.70.2 | |
Netapp Fas\/aff Baseboard Management Controller | ||
Netapp Hci Baseboard Management Controller | =h610s | |
Netapp Solidfire \& Hci Management Node | ||
Netapp Steelstore Cloud Integrated Storage | ||
Netapp Aff Baseboard Management Controller | =a700s | |
Netapp Solidfire Baseboard Management Controller |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-19966 is a vulnerability in the Linux kernel before version 5.1.6 that allows for a use-after-free vulnerability in the cpia2_exit() function, resulting in denial of service.
The severity of CVE-2019-19966 is medium, with a CVSS score of 4.6.
The Linux kernel versions before 5.1.6, Debian Linux 8.0, openSUSE Leap 15.1, and some Netapp products are affected by CVE-2019-19966.
To fix CVE-2019-19966, update the Linux kernel to version 5.1.6 or apply the appropriate patches provided by your Linux distribution.
You can find more information about CVE-2019-19966 in the following references: [link1], [link2], [link3].