vulnerability
Oracle Linux: CVE-2019-19055: ELSA-2020-4060: kernel security, bug fix, and enhancement update (IMPORTANT)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | 2019-10-05 | 2020-10-07 | 2024-11-29 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
2019-10-05
Added
2020-10-07
Modified
2024-11-29
Description
A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of this because it occurs on a code path where a successful allocation has already occurred
A flaw was found in the Linux kernel. The Wireless configuration API functionality mishandles resource cleanup in nl80211_get_ftm_responder_stats function. An attacker able to trigger the resource cleanup code path could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.
A flaw was found in the Linux kernel. The Wireless configuration API functionality mishandles resource cleanup in nl80211_get_ftm_responder_stats function. An attacker able to trigger the resource cleanup code path could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.
Solution
oracle-linux-upgrade-kernel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.