Vulnerability Details CVE-2019-19807
In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e7af6307a8a54f0b873960b32b6a644f2d0fbd97
- https://github.com/torvalds/linux/commit/e7af6307a8a54f0b873960b32b6a644f2d0fbd97
- https://security.netapp.com/advisory/ntap-20200103-0001/
- https://usn.ubuntu.com/4225-1/
- https://usn.ubuntu.com/4227-1/
- https://usn.ubuntu.com/4227-2/
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e7af6307a8a54f0b873960b32b6a644f2d0fbd97
- https://github.com/torvalds/linux/commit/e7af6307a8a54f0b873960b32b6a644f2d0fbd97
- https://security.netapp.com/advisory/ntap-20200103-0001/
- https://usn.ubuntu.com/4225-1/
- https://usn.ubuntu.com/4227-1/
- https://usn.ubuntu.com/4227-2/
Products affected by CVE-2019-19807
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:16.04
-
cpe:2.3:o:canonical:ubuntu_linux:18.04
-
cpe:2.3:o:canonical:ubuntu_linux:19.10
-
cpe:2.3:o:linux:linux_kernel:4.14.152
-
cpe:2.3:o:linux:linux_kernel:4.14.153
-
cpe:2.3:o:linux:linux_kernel:4.19.82
-
cpe:2.3:o:linux:linux_kernel:4.19.83
-
cpe:2.3:o:linux:linux_kernel:4.9.199
-
cpe:2.3:o:linux:linux_kernel:4.9.200
-
cpe:2.3:o:linux:linux_kernel:5.2
-
cpe:2.3:o:linux:linux_kernel:5.2.1
-
cpe:2.3:o:linux:linux_kernel:5.2.10
-
cpe:2.3:o:linux:linux_kernel:5.2.11
-
cpe:2.3:o:linux:linux_kernel:5.2.12
-
cpe:2.3:o:linux:linux_kernel:5.2.13
-
cpe:2.3:o:linux:linux_kernel:5.2.14
-
cpe:2.3:o:linux:linux_kernel:5.2.15
-
cpe:2.3:o:linux:linux_kernel:5.2.16
-
cpe:2.3:o:linux:linux_kernel:5.2.17
-
cpe:2.3:o:linux:linux_kernel:5.2.18
-
cpe:2.3:o:linux:linux_kernel:5.2.19
-
cpe:2.3:o:linux:linux_kernel:5.2.2
-
cpe:2.3:o:linux:linux_kernel:5.2.20
-
cpe:2.3:o:linux:linux_kernel:5.2.21
-
cpe:2.3:o:linux:linux_kernel:5.2.3
-
cpe:2.3:o:linux:linux_kernel:5.2.4
-
cpe:2.3:o:linux:linux_kernel:5.2.5
-
cpe:2.3:o:linux:linux_kernel:5.2.6
-
cpe:2.3:o:linux:linux_kernel:5.2.7
-
cpe:2.3:o:linux:linux_kernel:5.2.8
-
cpe:2.3:o:linux:linux_kernel:5.2.9
-
cpe:2.3:o:linux:linux_kernel:5.3
-
cpe:2.3:o:linux:linux_kernel:5.3.1
-
cpe:2.3:o:linux:linux_kernel:5.3.10
-
cpe:2.3:o:linux:linux_kernel:5.3.2
-
cpe:2.3:o:linux:linux_kernel:5.3.3
-
cpe:2.3:o:linux:linux_kernel:5.3.4
-
cpe:2.3:o:linux:linux_kernel:5.3.5
-
cpe:2.3:o:linux:linux_kernel:5.3.6
-
cpe:2.3:o:linux:linux_kernel:5.3.7
-
cpe:2.3:o:linux:linux_kernel:5.3.8
-
cpe:2.3:o:linux:linux_kernel:5.3.9