CVE-2019-15927

An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
VendorProductVersion
linuxlinux_kernel
𝑥
< 3.16.66
linuxlinux_kernel
3.17 ≤
𝑥
< 3.18.132
linuxlinux_kernel
3.19 ≤
𝑥
< 4.4.170
linuxlinux_kernel
4.5 ≤
𝑥
< 4.9.150
linuxlinux_kernel
4.10 ≤
𝑥
< 4.14.93
linuxlinux_kernel
4.15 ≤
𝑥
< 4.19.15
linuxlinux_kernel
4.20 ≤
𝑥
< 4.20.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.226-1
fixed
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
sid
6.11.5-1
fixed
trixie
6.11.5-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
eoan
not-affected
disco
not-affected
bionic
Fixed 4.15.0-60.67
released
xenial
Fixed 4.4.0-143.169
released
trusty
ignored
linux-aws
eoan
not-affected
disco
not-affected
bionic
Fixed 4.15.0-1047.49
released
xenial
Fixed 4.4.0-1077.87
released
trusty
Fixed 4.4.0-1039.42
released
linux-aws-5.0
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-aws-hwe
eoan
dne
disco
dne
bionic
dne
xenial
Fixed 4.15.0-1047.49~16.04.1
released
trusty
dne
linux-azure
eoan
not-affected
disco
not-affected
bionic
Fixed 5.0.0-1014.14~18.04.1
released
xenial
Fixed 4.15.0-1056.61
released
trusty
Fixed 4.15.0-1059.64~14.04.1
released
linux-azure-5.3
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-azure-edge
eoan
dne
disco
dne
bionic
Fixed 5.0.0-1014.14~18.04.1
released
xenial
Fixed 4.15.0-1056.61
released
trusty
dne
linux-gcp
eoan
not-affected
disco
not-affected
bionic
Fixed 4.15.0-1042.45
released
xenial
Fixed 4.15.0-1041.43
released
trusty
dne
linux-gcp-5.3
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-gcp-edge
eoan
dne
disco
dne
bionic
Fixed 4.15.0-1042.45
released
xenial
dne
trusty
dne
linux-gke-4.15
eoan
dne
disco
dne
bionic
Fixed 4.15.0-1041.43
released
xenial
dne
trusty
dne
linux-gke-5.0
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-hwe
eoan
dne
disco
dne
bionic
Fixed 5.0.0-23.24~18.04.1
released
xenial
Fixed 4.15.0-60.67~16.04.1
released
trusty
dne
linux-hwe-edge
eoan
dne
disco
dne
bionic
not-affected
xenial
Fixed 4.15.0-60.67~16.04.1
released
trusty
dne
linux-kvm
eoan
not-affected
disco
not-affected
bionic
Fixed 4.15.0-1043.43
released
xenial
Fixed 4.4.0-1041.47
released
trusty
dne
linux-lts-trusty
eoan
dne
disco
dne
bionic
dne
xenial
dne
trusty
dne
linux-lts-xenial
eoan
dne
disco
dne
bionic
dne
xenial
dne
trusty
Fixed 4.4.0-143.169~14.04.2
released
linux-oem
eoan
Fixed 4.15.0-1059.68
released
disco
ignored
bionic
Fixed 4.15.0-1056.65
released
xenial
ignored
trusty
dne
linux-oem-5.4
eoan
dne
bionic
dne
xenial
dne
trusty
dne
linux-oem-osp1
eoan
not-affected
disco
not-affected
bionic
not-affected
xenial
dne
trusty
dne
linux-oracle
eoan
not-affected
disco
Fixed 5.0.0-1004.8
released
bionic
Fixed 4.15.0-1022.25
released
xenial
Fixed 4.15.0-1022.25~16.04.1
released
trusty
dne
linux-oracle-5.0
eoan
dne
disco
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-raspi2
eoan
not-affected
disco
not-affected
bionic
Fixed 4.15.0-1044.47
released
xenial
Fixed 4.4.0-1104.112
released
trusty
dne
linux-raspi2-5.3
eoan
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-snapdragon
eoan
dne
disco
not-affected
bionic
Fixed 4.15.0-1062.69
released
xenial
Fixed 4.4.0-1108.113
released
trusty
dne
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.2
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f4351a199cc120ff9d59e06d02e8657d08e6cc46
https://security.netapp.com/advisory/ntap-20191004-0001/
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.2
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f4351a199cc120ff9d59e06d02e8657d08e6cc46
https://security.netapp.com/advisory/ntap-20191004-0001/