SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2019-3459

Date: (C)2019-06-19 (M)2024-04-19

A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:		CVSS V2 Severity:
CVSS Score : 6.5		CVSS Score : 3.3
Exploit Score: 2.8		Exploit Score: 6.5
Impact Score: 3.6		Impact Score: 2.9

CVSS V3 Metrics:		CVSS V2 Metrics:
Attack Vector: ADJACENT_NETWORK		Access Vector: ADJACENT_NETWORK
Attack Complexity: LOW		Access Complexity: LOW
Privileges Required: NONE		Authentication: NONE
User Interaction: NONE		Confidentiality: PARTIAL
Scope: UNCHANGED		Integrity: NONE
Confidentiality: HIGH		Availability: NONE
Integrity: NONE
Availability: NONE

Reference:

https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html

https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html

https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html

https://lore.kernel.org/linux-bluetooth/20190110062833.GA15047%40kroah.com/

https://marc.info/?l=oss-security&m=154721580222522&w=2

http://www.openwall.com/lists/oss-security/2019/06/27/7

http://www.openwall.com/lists/oss-security/2019/06/28/2

http://www.openwall.com/lists/oss-security/2019/08/12/1

https://bugzilla.novell.com/show_bug.cgi?id=1120758

https://bugzilla.redhat.com/show_bug.cgi?id=1663176

https://git.kernel.org/linus/7c9cbd0b5e38a1672fcd137894ace3b042dfbf69

https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3459.html

cpe:/o:linux:linux_kernel
cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
cpe:/o:redhat:enterprise_linux_workstation:7.0
cpe:/o:redhat:enterprise_linux_desktop:7.0
...

oval:org.secpod.oval:def:89043562
oval:org.secpod.oval:def:704863
oval:org.secpod.oval:def:704867
oval:org.secpod.oval:def:54114
...

© SecPod Technologies