mend-bolt-for-github[bot]
commented
7 months ago :information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #510
Closed mend-bolt-for-github[bot] closed 7 months ago
mend-bolt-for-github[bot]
commented
7 months ago :information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #510
mend-bolt-for-github[bot]
commented
7 months ago :information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #510
CVE-2019-19807 - High Severity Vulnerability
Apache Software Foundation (ASF)
Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/?wsslib=linux
Found in HEAD commit: 1e5b537c0e4b55545949296162ba0ff4825bff28
Found in base branch: master
In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.
Publish Date: 2019-12-15
URL: CVE-2019-19807
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Release Date: 2020-01-30
Fix Resolution: v5.4-rc7
Step up your Open Source Security Game with Mend here