vulnerability
Oracle Linux: CVE-2019-19045: ELSA-2020-5715: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:A/AC:L/Au:M/C:N/I:N/A:C) | 2019-11-18 | 2022-10-05 | 2025-01-23 |
Severity
5
CVSS
(AV:A/AC:L/Au:M/C:N/I:N/A:C)
Published
2019-11-18
Added
2022-10-05
Modified
2025-01-23
Description
A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.
A flaw was found in the Linux kernel. The Mellanox Technologies Innova driver mishandles resource cleanup on error. An attacker, able to trigger error could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.
A flaw was found in the Linux kernel. The Mellanox Technologies Innova driver mishandles resource cleanup on error. An attacker, able to trigger error could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.
Solution
oracle-linux-upgrade-kernel-uek
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.