Memory Leak Vulnerability in Linux Kernel Affects Multiple Distributions
CVE-2019-19072

4.4MEDIUM

Key Information:

Vendor
Canonical
Status
Ubuntu Linux
Fedora
Enterprise Linux
Linux Kernel
Vendor
CVE Published:
18 November 2019

Summary

A memory leak in the predicate_parse() function within the Linux kernel can lead to excessive memory consumption, resulting in a denial of service condition. This vulnerability allows attackers to exploit the system, causing instability and potential outages across affected distributions. Users are urged to apply patches to mitigate this risk.

References

https://github.com/torvalds/linux/commit/96c5c6e6a5b6db59...
x_refsource_MISC
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.