Home

CVE-2019-19807

Description

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.078

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-4225-1) linux-image-aws_5.3.0.1009.11_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-gcp_5.3.0.1011.12_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-gke_5.3.0.1011.12_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-kvm_5.3.0.1009.11_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-azure_5.3.0.1009.27_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-oracle_5.3.0.1008.9_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-generic_5.3.0.26.30_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-virtual_5.3.0.26.30_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-gcp-edge_5.3.0.1010.10_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-azure-edge_5.3.0.1009.9_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-lowlatency_5.3.0.26.30_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-5.3.0-1009-aws_5.3.0-1009.10_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-5.3.0-1009-kvm_5.3.0-1009.10_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-5.3.0-1010-gcp_5.3.0-1010.11~18.04.1_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-5.3.0-1011-gcp_5.3.0-1011.12_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-5.3.0-1009-azure_5.3.0-1009.10_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-5.3.0-1009-azure_5.3.0-1009.10~18.04.1_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-5.3.0-26-generic_5.3.0-26.28_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-5.3.0-1008-oracle_5.3.0-1008.9_amd64.debLinux
Linux kernel (USN-4225-1) linux-image-5.3.0-26-lowlatency_5.3.0-26.28_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-aws_4.15.0.1057.58_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-gcp_4.15.0.1052.66_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-gke_4.15.0.1050.53_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-gke_4.15.0.1052.66_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-kvm_4.15.0.1052.52_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-oem_4.15.0.74.94_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-oem_4.15.0.1066.70_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-azure_4.15.0.1066.69_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-oracle_4.15.0.1031.24_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-oracle_4.15.0.1031.36_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-aws-hwe_4.15.0.1057.57_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-generic_4.15.0.74.76_i386.debLinux
Linux kernel (USN-4227-1) linux-image-generic_4.15.0.74.76_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-virtual_4.15.0.74.76_i386.debLinux
Linux kernel (USN-4227-1) linux-image-virtual_4.15.0.74.76_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-gke-4.15_4.15.0.1050.53_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-azure-edge_4.15.0.1066.69_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-lowlatency_4.15.0.74.76_i386.debLinux
Linux kernel (USN-4227-1) linux-image-lowlatency_4.15.0.74.76_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-aws-lts-18.04_4.15.0.1057.58_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-1050-gke_4.15.0-1050.53_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-1052-gcp_4.15.0-1052.56_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-1052-kvm_4.15.0-1052.52_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-1057-aws_4.15.0-1057.59_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-1057-aws_4.15.0-1057.59~16.04.1_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-1066-oem_4.15.0-1066.76_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-oracle-lts-18.04_4.15.0.1031.36_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-1066-azure_4.15.0-1066.71_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-74-generic_4.15.0-74.84_i386.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-74-generic_4.15.0-74.84_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-74-generic_4.15.0-74.83~16.04.1_i386.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-74-generic_4.15.0-74.83~16.04.1_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-generic-hwe-16.04_4.15.0.74.94_i386.debLinux
Linux kernel (USN-4227-1) linux-image-generic-hwe-16.04_4.15.0.74.94_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-virtual-hwe-16.04_4.15.0.74.94_i386.debLinux
Linux kernel (USN-4227-1) linux-image-virtual-hwe-16.04_4.15.0.74.94_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-1031-oracle_4.15.0-1031.34_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-1031-oracle_4.15.0-1031.34~16.04.1_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-74-lowlatency_4.15.0-74.84_i386.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-74-lowlatency_4.15.0-74.84_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-74-lowlatency_4.15.0-74.83~16.04.1_i386.debLinux
Linux kernel (USN-4227-1) linux-image-4.15.0-74-lowlatency_4.15.0-74.83~16.04.1_amd64.debLinux
Linux kernel (USN-4227-1) linux-image-lowlatency-hwe-16.04_4.15.0.74.94_i386.debLinux
Linux kernel (USN-4227-1) linux-image-lowlatency-hwe-16.04_4.15.0.74.94_amd64.debLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update bpftool-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-abi-whitelists-4.18.0-193.13.2.el8_2.noarch.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-core-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-cross-headers-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-debug-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-debug-core-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-debug-devel-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-debug-modules-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-debug-modules-extra-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-devel-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-doc-4.18.0-193.13.2.el8_2.noarch.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-headers-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-modules-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-modules-extra-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-tools-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update kernel-tools-libs-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update perf-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
(RHSA-2020:3010) kernel security, bug fix, and enhancement update python3-perf-4.18.0-193.13.2.el8_2.x86_64.rpmLinux
Use After Free Vulnerability (CVE-2019-19807)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234