Home

CVE-2019-15807

Description

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

Risk Information

Base Score
4.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.088

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Security Guardium 11.1Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.2Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.0Windows
SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.108.1.i586.rpmLinux
SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.108.1.x86_64.rpmLinux
SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-pae-extra-3.0.101-108.108.1.i586.rpmLinux
SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-trace-extra-3.0.101-108.108.1.x86_64.rpmLinux
SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.108.1.i586.rpmLinux
SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.108.1.x86_64.rpmLinux
Dtrace-modules-3.8.13-118.42.1.el6uek update (ELSA-2020-5511) dtrace-modules-3.8.13-118.42.1.el6uek-0.4.5-3.el6.x86_64.rpmLinux
Dtrace-modules-3.8.13-118.42.1.el7uek update (ELSA-2020-5511) dtrace-modules-3.8.13-118.42.1.el7uek-0.4.5-3.el7.x86_64.rpmLinux
Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2019-15807)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234