CVE-2019-19044
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/11/2019
Last modified:
20/01/2023
Description
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.3 (including) | 5.3.11 (excluding) |
| cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* | ||
| cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page