CVE-2019-10207

MEDIUM

Linux kernel <4.18.0, <5 - Local Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-10207. PoCs published by butterflyhack.

AI-analyzed exploit summary: The repository contains a functional proof-of-concept exploit for CVE-2019-10207, a Linux kernel NULL pointer dereference vulnerability in the Bluetooth HCI UART driver. The PoC demonstrates the vulnerability by manipulating line discipline and protocol settings via ioctl calls.

Description

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.

Exploits (1)

nomisec WORKING POC 20 stars
by butterflyhack · poc
https://github.com/butterflyhack/CVE-2019-10207

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: Linux kernel (4.20.0 and earlier with CONFIG_BT_HCIUART_MRVL and CONFIG_BT_MRVL enabled)
No auth needed
Prerequisites: Kernel configured with CONFIG_BT_HCIUART_MRVL=y and CONFIG_BT_MRVL=y · Access to /dev/ptmx
devstral-2 · analyzed Feb 18, 2026

References (2)

Core References
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10207
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20200103-0001/

Scores

CVSS v3 5.5
EPSS 0.0088
EPSS Percentile 54.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE CWE-476
Status published
Products (1)
linux/linux_kernel 3.0 - 4.18.0
Published Nov 25, 2019
Tracked Since Feb 18, 2026