CVE-2019-18810

HIGH

Linux Kernel <5.3.8 - DoS

Title source: llm

Description

A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d.

References (4)

[Mailing List, Vendor Advisory] https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8

[Mailing List, Patch, Vendor Advisory] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ecd6fdbf5d648123a7315c695fb6850d702835

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20191205-0001/

[Third Party Advisory] https://usn.ubuntu.com/4208-1/

Scores

CVSS v3 7.5

EPSS 0.0127

EPSS Percentile 79.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (3)

linux/linux_kernel < 5.3.8

canonical/ubuntu_linux

canonical/ubuntu_linux

Timeline

Published Nov 07, 2019

Tracked Since Feb 18, 2026