A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began
References
Configurations
History
07 Nov 2023, 03:07
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began |
02 Jun 2021, 15:38
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:5.5:rc1:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/ - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/ - Third Party Advisory | |
References | (MISC) https://bugzilla.suse.com/show_bug.cgi?id=1157294 - Issue Tracking, Patch, Third Party Advisory |
Information
Published : 2019-11-18 06:15
Updated : 2024-04-11 01:04
NVD link : CVE-2019-19070
Mitre link : CVE-2019-19070
CVE.ORG link : CVE-2019-19070
JSON object : View
Products Affected
linux
- linux_kernel
fedoraproject
- fedora
CWE
CWE-401
Missing Release of Memory after Effective Lifetime