CVE-2019-10207

LOW

Description

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10207

https://security.netapp.com/advisory/ntap-20200103-0001/

Details

Source: MITRE

Published: 2019-11-25

Updated: 2020-01-03

Type: CWE-476

Risk Information

CVSS v2.0

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3.0

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Tenable Plugins

View all (26 total)

ID	Name	Product	Family	Severity
130950	SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2950-1) (SACK Panic)	Nessus	SuSE Local Security Checks	critical
130736	EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2274)	Nessus	Huawei Local Security Checks	critical
130663	EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2201)	Nessus	Huawei Local Security Checks	critical
130547	RHEL 8 : kernel (RHSA-2019:3517)	Nessus	Red Hat Local Security Checks	high
130526	RHEL 8 : kernel-rt (RHSA-2019:3309)	Nessus	Red Hat Local Security Checks	high
130163	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2738-1)	Nessus	SuSE Local Security Checks	critical
129845	SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2648-1)	Nessus	SuSE Local Security Checks	critical
129841	Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4820)	Nessus	Oracle Linux Local Security Checks	high
129677	Ubuntu 18.04 LTS / 19.04 : linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, (USN-4147-1)	Nessus	Ubuntu Local Security Checks	high
129491	Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-4145-1)	Nessus	Ubuntu Local Security Checks	critical
129157	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2424-1)	Nessus	SuSE Local Security Checks	critical
129156	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2414-1)	Nessus	SuSE Local Security Checks	critical
129154	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2412-1)	Nessus	SuSE Local Security Checks	critical
128680	Ubuntu 16.04 LTS / 18.04 LTS : linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, (USN-4115-2)	Nessus	Ubuntu Local Security Checks	critical
128542	SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2299-1)	Nessus	SuSE Local Security Checks	medium
128478	Ubuntu 16.04 LTS / 18.04 LTS : linux-aws vulnerabilities (USN-4118-1)	Nessus	Ubuntu Local Security Checks	critical
128475	Ubuntu 16.04 LTS / 18.04 LTS : linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, (USN-4115-1)	Nessus	Ubuntu Local Security Checks	critical
128470	SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2263-1)	Nessus	SuSE Local Security Checks	medium
128012	openSUSE Security Update : the Linux Kernel (openSUSE-2019-1924)	Nessus	SuSE Local Security Checks	medium
128011	openSUSE Security Update : the Linux Kernel (openSUSE-2019-1923)	Nessus	SuSE Local Security Checks	medium
127921	Debian DLA-1885-1 : linux-4.9 security update	Nessus	Debian Local Security Checks	high
127882	Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-226-01)	Nessus	Slackware Local Security Checks	high
127867	Debian DSA-4497-1 : linux - security update	Nessus	Debian Local Security Checks	high
127866	Debian DLA-1884-1 : linux security update	Nessus	Debian Local Security Checks	high
127517	Fedora 30 : kernel / kernel-headers / kernel-tools (2019-7aecfe1c4b)	Nessus	Fedora Local Security Checks	medium
127491	Debian DSA-4495-1 : linux - security update	Nessus	Debian Local Security Checks	high