Wind River Support Network

Meet the Support Network

Home CVE Database CVE-2019-19067

CVE-2019-19067

Description

** DISPUTED ** Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading.

Priority: HIGH
CVSS v3: 4.4
Component: linux
Publish Date: Nov 18, 2019
Related ID: --
CVSS v2: MEDIUM
Modified Date: Nov 21, 2019

Find out more about CVE-2019-19067 from the MITRE-CVE dictionary and NIST NVD

Products Affected

Login may be required to access defects or downloads.

Product Name Status Defect Fixed Downloads
Linux
Wind River Linux LTS 17 Won't Fix LIN10-6706
 -- --
Wind River Linux 8 Not Vulnerable -- -- --
Wind River Linux 9 Vulnerable -- -- --
Wind River Linux 7 Not Vulnerable -- -- --
Wind River Linux LTS 21 Fixed -- 10.21.20.1 --
Wind River Linux LTS 22 Not Vulnerable -- -- --
Wind River Linux LTS 18 Fixed LIN1018-5274
 10.18.44.13 --
Wind River Linux LTS 19 Fixed LIN1019-3495
 10.19.45.2 --
Wind River Linux CD release Fixed LINCD-396
 10.20.3.0 --
VxWorks
VxWorks 7 Not Vulnerable -- -- --
VxWorks 6.9 Not Vulnerable -- -- --

Related Products

Product Name Status Defect Fixed Downloads

Notes
Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube