ID CVE-2019-16233
Summary drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:5.2.14:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:5.2.14:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
CVSS
Base: 4.7 (as of 06-05-2020 - 15:15)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:N/I:N/A:C
redhat via4
rpms
  • bpftool-0:3.10.0-1160.el7
  • bpftool-debuginfo-0:3.10.0-1160.el7
  • kernel-0:3.10.0-1160.el7
  • kernel-abi-whitelists-0:3.10.0-1160.el7
  • kernel-bootwrapper-0:3.10.0-1160.el7
  • kernel-debug-0:3.10.0-1160.el7
  • kernel-debug-debuginfo-0:3.10.0-1160.el7
  • kernel-debug-devel-0:3.10.0-1160.el7
  • kernel-debuginfo-0:3.10.0-1160.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-1160.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-1160.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-1160.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-1160.el7
  • kernel-devel-0:3.10.0-1160.el7
  • kernel-doc-0:3.10.0-1160.el7
  • kernel-headers-0:3.10.0-1160.el7
  • kernel-kdump-0:3.10.0-1160.el7
  • kernel-kdump-debuginfo-0:3.10.0-1160.el7
  • kernel-kdump-devel-0:3.10.0-1160.el7
  • kernel-tools-0:3.10.0-1160.el7
  • kernel-tools-debuginfo-0:3.10.0-1160.el7
  • kernel-tools-libs-0:3.10.0-1160.el7
  • kernel-tools-libs-devel-0:3.10.0-1160.el7
  • perf-0:3.10.0-1160.el7
  • perf-debuginfo-0:3.10.0-1160.el7
  • python-perf-0:3.10.0-1160.el7
  • python-perf-debuginfo-0:3.10.0-1160.el7
  • kernel-rt-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-debug-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-debug-debuginfo-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-debug-devel-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-debug-kvm-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-debuginfo-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-devel-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-doc-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-kvm-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-kvm-debuginfo-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-trace-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-trace-debuginfo-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-trace-devel-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-trace-kvm-0:3.10.0-1160.rt56.1131.el7
  • kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.rt56.1131.el7
  • bpftool-0:4.18.0-240.el8
  • bpftool-debuginfo-0:4.18.0-240.el8
  • kernel-0:4.18.0-240.el8
  • kernel-abi-whitelists-0:4.18.0-240.el8
  • kernel-core-0:4.18.0-240.el8
  • kernel-cross-headers-0:4.18.0-240.el8
  • kernel-debug-0:4.18.0-240.el8
  • kernel-debug-core-0:4.18.0-240.el8
  • kernel-debug-debuginfo-0:4.18.0-240.el8
  • kernel-debug-devel-0:4.18.0-240.el8
  • kernel-debug-modules-0:4.18.0-240.el8
  • kernel-debug-modules-extra-0:4.18.0-240.el8
  • kernel-debuginfo-0:4.18.0-240.el8
  • kernel-debuginfo-common-aarch64-0:4.18.0-240.el8
  • kernel-debuginfo-common-ppc64le-0:4.18.0-240.el8
  • kernel-debuginfo-common-s390x-0:4.18.0-240.el8
  • kernel-debuginfo-common-x86_64-0:4.18.0-240.el8
  • kernel-devel-0:4.18.0-240.el8
  • kernel-doc-0:4.18.0-240.el8
  • kernel-headers-0:4.18.0-240.el8
  • kernel-modules-0:4.18.0-240.el8
  • kernel-modules-extra-0:4.18.0-240.el8
  • kernel-tools-0:4.18.0-240.el8
  • kernel-tools-debuginfo-0:4.18.0-240.el8
  • kernel-tools-libs-0:4.18.0-240.el8
  • kernel-tools-libs-devel-0:4.18.0-240.el8
  • kernel-zfcpdump-0:4.18.0-240.el8
  • kernel-zfcpdump-core-0:4.18.0-240.el8
  • kernel-zfcpdump-debuginfo-0:4.18.0-240.el8
  • kernel-zfcpdump-devel-0:4.18.0-240.el8
  • kernel-zfcpdump-modules-0:4.18.0-240.el8
  • kernel-zfcpdump-modules-extra-0:4.18.0-240.el8
  • perf-0:4.18.0-240.el8
  • perf-debuginfo-0:4.18.0-240.el8
  • python3-perf-0:4.18.0-240.el8
  • python3-perf-debuginfo-0:4.18.0-240.el8
  • kernel-rt-0:4.18.0-240.rt7.54.el8
  • kernel-rt-core-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8
  • kernel-rt-devel-0:4.18.0-240.rt7.54.el8
  • kernel-rt-kvm-0:4.18.0-240.rt7.54.el8
  • kernel-rt-modules-0:4.18.0-240.rt7.54.el8
  • kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8
refmap via4
confirm https://security.netapp.com/advisory/ntap-20191004-0001/
misc https://lkml.org/lkml/2019/9/9/487
suse
  • openSUSE-SU-2019:2444
  • openSUSE-SU-2019:2503
ubuntu
  • USN-4226-1
  • USN-4227-1
  • USN-4227-2
  • USN-4346-1
Last major update 06-05-2020 - 15:15
Published 11-09-2019 - 16:15
Last modified 06-05-2020 - 15:15
Back to Top