Home

CVE-2019-19537

Description

In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c.

Risk Information

Base Score
4.2
MODERATE
Vector
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.068

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Security Guardium 11.1Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.2Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.0Windows
SUSE-SU-2019:3316-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-4.12.14-6.34.1.x86_64.rpmLinux
SUSE-SU-2019:3316-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-base-4.12.14-6.34.1.x86_64.rpmLinux
SUSE-SU-2019:3316-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-base-debuginfo-4.12.14-6.34.1.x86_64.rpmLinux
SUSE-SU-2019:3316-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-debuginfo-4.12.14-6.34.1.x86_64.rpmLinux
SUSE-SU-2019:3316-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-debugsource-4.12.14-6.34.1.x86_64.rpmLinux
SUSE-SU-2019:3316-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-devel-4.12.14-6.34.1.x86_64.rpmLinux
SUSE-SU-2019:3316-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-devel-azure-4.12.14-6.34.1.noarch.rpmLinux
SUSE-SU-2019:3316-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-source-azure-4.12.14-6.34.1.noarch.rpmLinux
SUSE-SU-2019:3316-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-syms-azure-4.12.14-6.34.1.x86_64.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-4.12.14-122.12.1.x86_64.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-base-4.12.14-122.12.1.x86_64.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-base-debuginfo-4.12.14-122.12.1.x86_64.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-debuginfo-4.12.14-122.12.1.x86_64.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-debugsource-4.12.14-122.12.1.x86_64.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-devel-4.12.14-122.12.1.x86_64.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-devel-debuginfo-4.12.14-122.12.1.x86_64.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-4.12.14-122.12.1.noarch.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-macros-4.12.14-122.12.1.noarch.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-4.12.14-122.12.1.noarch.rpmLinux
SUSE-SU-2019:3389-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-4.12.14-122.12.1.x86_64.rpmLinux
SUSE-SU-2020:0093-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-4.12.14-16.7.1.x86_64.rpmLinux
SUSE-SU-2020:0093-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-4.12.14-16.7.1.x86_64.rpmLinux
SUSE-SU-2020:14354-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.111.1.i586.rpmLinux
SUSE-SU-2020:14354-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.111.1.x86_64.rpmLinux
SUSE-SU-2020:14354-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-pae-extra-3.0.101-108.111.1.i586.rpmLinux
SUSE-SU-2020:14354-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-trace-extra-3.0.101-108.111.1.x86_64.rpmLinux
SUSE-SU-2020:14354-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.111.1.i586.rpmLinux
SUSE-SU-2020:14354-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.111.1.x86_64.rpmLinux
Dtrace-modules-3.8.13-118.46.1.el6uek update (ELSA-2020-5706) dtrace-modules-3.8.13-118.46.1.el6uek-0.4.5-3.el6.x86_64.rpmLinux
Dtrace-modules-3.8.13-118.46.1.el7uek update (ELSA-2020-5706) dtrace-modules-3.8.13-118.46.1.el7uek-0.4.5-3.el7.x86_64.rpmLinux
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability (CVE-2019-19537)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234