Wind River Support Network

HomeDefectsLIN1019-2823
Fixed

LIN1019-2823 : Security Advisory - linux - CVE-2019-17075

Created: Oct 8, 2019    Updated: Dec 11, 2019
Resolved Date: Nov 27, 2019
Found In Version: 10.19.45.1
Fix Version: 10.19.45.2
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Kernel

Description


An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance.

CREATE(Triage):(User=admin) CVE-2019-17075

CVEs


Live chat
Online