CVE-2019-3819

CVSS v3.1 4.4 (Medium)

CVSS v2.0 4.9 (Medium)

EPSS 0.04 % (5^th)

Affected Products 4

Advisories 12

A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up and a denial of service. Versions from v4.18 and newer are vulnerable.

Weaknesses

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2019-01-25 18:29:00
(5 years ago)
Updated Date: 2020-10-19 17:43:48
(3 years ago)

Affected Products

Configuration #1

		CPE23	From	Up To
	Linux Kernel from 4.18 version	cpe:2.3:o:linux:linux_kernel	>= 4.18

Configuration #2

		CPE23	From	Up To
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0

Configuration #3

		CPE23	From	Up To
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts

Configuration #4

		CPE23	From	Up To
	Opensuse Leap 15.0	cpe:2.3:o:opensuse:leap:15.0

Configuration #5

		CPE23	From	Up To
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts

Weaknesses

Affected Products

Canonical

Debian

Linux

Opensuse

Configuration #1

Configuration #2

Configuration #3

Configuration #4

Configuration #5