SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2019-3460

Date: (C)2019-06-19 (M)2024-04-18

A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:		CVSS V2 Severity:
CVSS Score : 6.5		CVSS Score : 3.3
Exploit Score: 2.8		Exploit Score: 6.5
Impact Score: 3.6		Impact Score: 2.9

CVSS V3 Metrics:		CVSS V2 Metrics:
Attack Vector: ADJACENT_NETWORK		Access Vector: ADJACENT_NETWORK
Attack Complexity: LOW		Access Complexity: LOW
Privileges Required: NONE		Authentication: NONE
User Interaction: NONE		Confidentiality: PARTIAL
Scope: UNCHANGED		Integrity: NONE
Confidentiality: HIGH		Availability: NONE
Integrity: NONE
Availability: NONE

Reference:

https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html

https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html

https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html

https://lore.kernel.org/linux-bluetooth/20190110062917.GB15047@kroah.com/

https://marc.info/?l=oss-security&m=154721580222522&w=2

http://www.openwall.com/lists/oss-security/2019/06/27/7

http://www.openwall.com/lists/oss-security/2019/06/28/2

http://www.openwall.com/lists/oss-security/2019/08/12/1

https://bugzilla.redhat.com/show_bug.cgi?id=1663179

https://git.kernel.org/linus/af3d5d1c87664a4f150fcf3534c6567cb19909b0

https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3460.html

cpe:/o:debian:debian_linux:8.0
cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
...

oval:org.secpod.oval:def:89003467
oval:org.secpod.oval:def:1504160
oval:org.secpod.oval:def:1504148
oval:org.secpod.oval:def:89003282
...

© SecPod Technologies