CVE-2019-15292

An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.7 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
linuxlinux_kernel
𝑥
< 3.16.74
linuxlinux_kernel
3.17 ≤
𝑥
< 3.18.139
linuxlinux_kernel
3.19 ≤
𝑥
< 4.4.179
linuxlinux_kernel
4.5 ≤
𝑥
< 4.9.170
linuxlinux_kernel
4.10 ≤
𝑥
< 4.14.113
linuxlinux_kernel
4.15 ≤
𝑥
< 4.19.36
linuxlinux_kernel
4.20 ≤
𝑥
< 5.0.9
debiandebian_linux
8.0
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.226-1
fixed
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
trixie
6.11.5-1
fixed
sid
6.11.6-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
eoan
not-affected
disco
Fixed 5.0.0-21.22
released
bionic
Fixed 4.15.0-60.67
released
xenial
Fixed 4.4.0-150.176
released
trusty
ignored
linux-aws
eoan
not-affected
disco
ignored
bionic
Fixed 4.15.0-1047.49
released
xenial
Fixed 4.4.0-1084.94
released
trusty
ignored
linux-aws-5.0
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-aws-hwe
eoan
dne
disco
dne
bionic
dne
xenial
Fixed 4.15.0-1047.49~16.04.1
released
trusty
dne
linux-azure
eoan
not-affected
disco
Fixed 5.0.0-1012.12
released
bionic
Fixed 5.0.0-1014.14~18.04.1
released
xenial
Fixed 4.15.0-1056.61
released
trusty
ignored
linux-azure-5.3
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-azure-edge
eoan
dne
disco
dne
bionic
Fixed 5.0.0-1014.14~18.04.1
released
xenial
Fixed 4.15.0-1056.61
released
trusty
dne
linux-gcp
eoan
not-affected
disco
Fixed 5.0.0-1011.11
released
bionic
Fixed 4.15.0-1042.45
released
xenial
Fixed 4.15.0-1041.43
released
trusty
dne
linux-gcp-5.3
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-gcp-edge
eoan
dne
disco
dne
bionic
Fixed 4.15.0-1042.45
released
xenial
dne
trusty
dne
linux-gke-4.15
eoan
dne
disco
dne
bionic
Fixed 4.15.0-1041.43
released
xenial
dne
trusty
dne
linux-gke-5.0
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-hwe
eoan
dne
disco
dne
bionic
Fixed 5.0.0-23.24~18.04.1
released
xenial
Fixed 4.15.0-60.67~16.04.1
released
trusty
dne
linux-hwe-edge
eoan
dne
disco
dne
bionic
ignored
xenial
Fixed 4.15.0-60.67~16.04.1
released
trusty
dne
linux-kvm
eoan
not-affected
disco
Fixed 5.0.0-1011.12
released
bionic
Fixed 4.15.0-1043.43
released
xenial
Fixed 4.4.0-1047.53
released
trusty
dne
linux-lts-trusty
eoan
dne
disco
dne
bionic
dne
xenial
dne
trusty
dne
linux-lts-xenial
eoan
dne
disco
dne
bionic
dne
xenial
dne
trusty
ignored
linux-oem
eoan
Fixed 4.15.0-1059.68
released
disco
ignored
bionic
Fixed 4.15.0-1056.65
released
xenial
ignored
trusty
dne
linux-oem-5.4
eoan
dne
bionic
dne
xenial
dne
trusty
dne
linux-oem-osp1
eoan
Fixed 5.0.0-1018.20
released
disco
ignored
bionic
Fixed 5.0.0-1015.16
released
xenial
dne
trusty
dne
linux-oracle
eoan
not-affected
disco
Fixed 5.0.0-1004.8
released
bionic
Fixed 4.15.0-1022.25
released
xenial
Fixed 4.15.0-1022.25~16.04.1
released
trusty
dne
linux-oracle-5.0
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-raspi2
eoan
not-affected
disco
ignored
bionic
Fixed 4.15.0-1044.47
released
xenial
Fixed 4.4.0-1110.118
released
trusty
dne
linux-raspi2-5.3
eoan
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-snapdragon
eoan
dne
disco
Fixed 5.0.0-1017.18
released
bionic
Fixed 4.15.0-1062.69
released
xenial
Fixed 4.4.0-1114.119
released
trusty
dne
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.9
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6377f787aeb945cae7abbb6474798de129e1f3ac
https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
https://security.netapp.com/advisory/ntap-20190905-0002/
https://support.f5.com/csp/article/K27112954
https://support.f5.com/csp/article/K27112954?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4115-1/
https://usn.ubuntu.com/4118-1/
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.9
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6377f787aeb945cae7abbb6474798de129e1f3ac
https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
https://security.netapp.com/advisory/ntap-20190905-0002/
https://support.f5.com/csp/article/K27112954
https://support.f5.com/csp/article/K27112954?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4115-1/
https://usn.ubuntu.com/4118-1/