CVE-2019-15919

LOW EPSS 34.8%
Published Sep 4, 20196y ago · Modified Jun 17, 20262w ago
3.3 CVSS 3.1
Low
Find Similar
Published Sep 4, 2019 6y ago
Last Modified Jun 17, 2026 2w ago

Description

An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.

CVSS Details

Base Score
3.3
Exploitability
1.8
Impact
1.4
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
34.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel* <5.0.10
opensuseleap15.0any
opensuseleap15.1any

References 5

  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
    Third Party Advisory
  • cdn.kernel.org https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10
    Release NotesThird Party Advisory
  • github.com https://github.com/torvalds/linux/commit/6a3eb3360667170988f8a6477f6686242061488a
    PatchThird Party Advisory
  • security.netapp.com https://security.netapp.com/advisory/ntap-20191004-0001/
    Third Party Advisory

Remediation

  • github.com https://github.com/torvalds/linux/commit/6a3eb3360667170988f8a6477f6686242061488a
    PatchThird Party Advisory