CVE-2019-12382

CVSS v3.0 5.5 (Medium)

CVSS v2.0 4.9 (Medium)

EPSS 0.07 % (33^th)

Affected Products 1

Advisories 44

NVD Status Modified

An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
NVD Status: Modified
CNA: MITRE
Published Date: 2019-05-28 03:29:00
(5 years ago)
Updated Date: 2024-08-05 00:15:20
(6 weeks ago)

Affected Products

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel 5.1.5 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 5.1.5