1. CVE-Search
  2. CVE-2019-16232
ID CVE-2019-16232
Summary drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:5.2.14:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:5.2.14:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
CVSS
Base: 4.7 (as of 04-05-2020 - 20:18)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:N/I:N/A:C
refmap via4
confirm https://security.netapp.com/advisory/ntap-20191004-0001/
fedora
  • FEDORA-2019-124a241044
  • FEDORA-2019-b86a7bdba0
misc https://lkml.org/lkml/2019/9/9/487
suse
  • openSUSE-SU-2019:2392
  • openSUSE-SU-2019:2444
ubuntu
  • USN-4284-1
  • USN-4285-1
  • USN-4287-1
  • USN-4287-2
Last major update 04-05-2020 - 20:18
Published 11-09-2019 - 16:15
Last modified 04-05-2020 - 20:18
Back to Top