Vulnerability CVE-2019-19807
Published: 2019-12-15   Modified: 2019-12-16

Description:
In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.

Type:

CWE-416

 (Use After Free)

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.9/10
6.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Linux -> Linux kernel 

 References:
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e7af6307a8a54f0b873960b32b6a644f2d0fbd97
https://github.com/torvalds/linux/commit/e7af6307a8a54f0b873960b32b6a644f2d0fbd97
Copyright 2024, cxsecurity.com

 

Back to Top