CVE-2019-17075

CVSS v3.1 7.5 (High)

CVSS v2.0 7.1 (High)

EPSS 4.79 % (93^th)

Affected Products 1

Advisories 8

An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2019-10-01 21:15:11
(5 years ago)
Updated Date: 2023-11-07 03:06:08
(10 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 2.6.35 version and prior 4.4.198 version	cpe:2.3:o:linux:linux_kernel	>= 2.6.35	< 4.4.198
Linux Kernel from 4.5.0 version and prior 4.9.198 version	cpe:2.3:o:linux:linux_kernel	>= 4.5.0	< 4.9.198
Linux Kernel from 4.10 version and prior 4.14.151 version	cpe:2.3:o:linux:linux_kernel	>= 4.10	< 4.14.151
Linux Kernel from 4.15 version and prior 4.19.81 version	cpe:2.3:o:linux:linux_kernel	>= 4.15	< 4.19.81
Linux Kernel from 4.20 version and prior 5.3.8 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 5.3.8