CVE-2019-15099

CVSS v3.1 7.5 (High)

CVSS v2.0 7.8 (High)

EPSS 2.54 % (90^th)

Affected Products 2

Advisories 12

drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2019-08-16 02:15:11
(5 years ago)
Updated Date: 2023-11-07 03:05:24
(10 months ago)

Affected Products

Canonical

Ubuntu Linux

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel from 4.14 version and prior 4.14.157 version	cpe:2.3:o:linux:linux_kernel	>= 4.14	< 4.14.157
	Linux Kernel from 4.15 version and prior 4.19.87 version	cpe:2.3:o:linux:linux_kernel	>= 4.15	< 4.19.87
	Linux Kernel from 4.20 version and prior 5.3.14 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 5.3.14
	Linux Kernel from 5.4.0 version and prior 5.4.1 version	cpe:2.3:o:linux:linux_kernel	>= 5.4.0	< 5.4.1

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:esm
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:esm
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts
	Canonical Ubuntu Linux 19.10	cpe:2.3:o:canonical:ubuntu_linux:19.10