CVE-2019-16995

CVSS v3.1 7.5 (High)

CVSS v2.0 7.8 (High)

EPSS 0.69 % (80^th)

Affected Products 27

Advisories 14

In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.

Weaknesses

CWE-401: Missing Release of Memory after Effective Lifetime

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2019-09-30 13:15:11
(5 years ago)
Updated Date: 2021-07-21 11:39:23
(3 years ago)

Affected Products

Linux

Linux Kernel

Netapp

Opensuse

Leap

Configuration #1

AND

		CPE23	From	Up To
OR
	Linux Kernel from 3.17 version and prior 3.18.137 version	cpe:2.3:o:linux:linux_kernel	>= 3.17	< 3.18.137
OR
	Running on/with
	Linux Kernel from 4.4 version and prior 4.4.177 version	cpe:2.3:o:linux:linux_kernel	>= 4.4	< 4.4.177
OR
	Running on/with
	Linux Kernel from 4.9 version and prior 4.9.164 version	cpe:2.3:o:linux:linux_kernel	>= 4.9	< 4.9.164
OR
	Running on/with
	Linux Kernel from 4.14 version and prior 4.14.107 version	cpe:2.3:o:linux:linux_kernel	>= 4.14	< 4.14.107
OR
	Running on/with
	Linux Kernel from 4.19 version and prior 4.19.30 version	cpe:2.3:o:linux:linux_kernel	>= 4.19	< 4.19.30
OR
	Running on/with
	Linux Kernel from 4.20 version and prior 4.20.17 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 4.20.17
OR
	Running on/with
	Linux Kernel from 5.0 version and prior 5.0.3 version	cpe:2.3:o:linux:linux_kernel	>= 5.0	< 5.0.3
OR
	Running on/with
	Linux Kernel 5.1 Rc1	cpe:2.3:o:linux:linux_kernel:5.1:rc1

Configuration #2

AND

		CPE23
OR
	Opensuse Leap 15.0	cpe:2.3:o:opensuse:leap:15.0
OR
	Running on/with
	Opensuse Leap 15.1	cpe:2.3:o:opensuse:leap:15.1

Configuration #3

AND

		CPE23
OR
	Netapp Aff A700s Firmware	cpe:2.3:o:netapp:aff_a700s_firmware:-
OR
	Running on/with
	Netapp Aff A700s	cpe:2.3:h:netapp:aff_a700s:-

Configuration #4

AND

		CPE23
OR
	Netapp H300s Firmware	cpe:2.3:o:netapp:h300s_firmware:-
OR
	Running on/with
	Netapp H300s	cpe:2.3:h:netapp:h300s:-

Configuration #5

AND

		CPE23
OR
	Netapp H500s Firmware	cpe:2.3:o:netapp:h500s_firmware:-
OR
	Running on/with
	Netapp H500s	cpe:2.3:h:netapp:h500s:-

Configuration #6

AND

		CPE23
OR
	Netapp H700s Firmware	cpe:2.3:o:netapp:h700s_firmware:-
OR
	Running on/with
	Netapp H700s	cpe:2.3:h:netapp:h700s:-

Configuration #7

AND

		CPE23
OR
	Netapp H300e Firmware	cpe:2.3:o:netapp:h300e_firmware:-
OR
	Running on/with
	Netapp H300e	cpe:2.3:h:netapp:h300e:-

Configuration #8

AND

		CPE23
OR
	Netapp H500e Firmware	cpe:2.3:o:netapp:h500e_firmware:-
OR
	Running on/with
	Netapp H500e	cpe:2.3:h:netapp:h500e:-

Configuration #9

AND

		CPE23
OR
	Netapp H700e Firmware	cpe:2.3:o:netapp:h700e_firmware:-
OR
	Running on/with
	Netapp H700e	cpe:2.3:h:netapp:h700e:-

Configuration #10

AND

		CPE23
OR
	Netapp H410s Firmware	cpe:2.3:o:netapp:h410s_firmware:-
OR
	Running on/with
	Netapp H410s	cpe:2.3:h:netapp:h410s:-

Configuration #11

AND

		CPE23
OR
	Netapp H410c Firmware	cpe:2.3:o:netapp:h410c_firmware:-
OR
	Running on/with
	Netapp H410c	cpe:2.3:h:netapp:h410c:-

Configuration #12

AND

		CPE23
OR
	Netapp H610s Firmware	cpe:2.3:o:netapp:h610s_firmware:-
OR
	Running on/with
	Netapp H610s	cpe:2.3:h:netapp:h610s:-

Configuration #13

AND

		CPE23
OR
	Netapp Data Availability Services	cpe:2.3:a:netapp:data_availability_services:-
OR
	Running on/with
	Netapp Hci Management Node	cpe:2.3:a:netapp:hci_management_node:-
OR
	Running on/with
	Netapp Service Processor	cpe:2.3:a:netapp:service_processor:-
OR
	Running on/with
	Netapp Solidfire	cpe:2.3:a:netapp:solidfire:-
OR
	Running on/with
	Netapp Steelstore Cloud Integrated Storage	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-