Lucene search

[email protected]NVD:CVE-2019-15098

HistoryAug 16, 2019 - 2:15 a.m.

CVE-2019-15098

2019-08-1602:15:11

CWE-476

[email protected]

web.nvd.nist.gov

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.4%

JSON

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤5.2.9

Node

netappactive_iq_performance_analytics_servicesMatch-

netappactive_iq_unified_managerRange9.5≥vmware_vsphere

netappdata_availability_servicesMatch-

netappelement_softwareMatch-

canonicalubuntu_linuxMatch14.04esm

canonicalubuntu_linuxMatch16.04lts

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch19.04

opensuseleapMatch15.0

opensuseleapMatch15.1

Node

debiandebian_linuxMatch8.0

References

lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html

lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html

packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

www.openwall.com/lists/oss-security/2019/09/27/1

www.openwall.com/lists/oss-security/2019/09/27/2

www.openwall.com/lists/oss-security/2019/09/27/3

lists.debian.org/debian-lts-announce/2020/01/msg00013.html

lists.debian.org/debian-lts-announce/2020/03/msg00001.html

lore.kernel.org/linux-wireless/20190804002905.11292-1-benquike%40gmail.com/T/#u

seclists.org/bugtraq/2019/Nov/11

security.netapp.com/advisory/ntap-20190905-0002/

support.f5.com/csp/article/K61214359

support.f5.com/csp/article/K61214359?utm_source=f5support&amp%3Butm_medium=RSS

usn.ubuntu.com/4184-1/

usn.ubuntu.com/4185-1/

usn.ubuntu.com/4186-1/

usn.ubuntu.com/4186-2/

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.4%

JSON

Related for NVD:CVE-2019-15098

cve2 prion1 cvelist1 redhatcve2 f51 debiancve1 ubuntucve1 nvd1 ibm1 openvas27 cloudfoundry2 ubuntu7 nessus22 slackware1 debian2 suse2 osv2