CVE-2019-10207

LOW

Description

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10207

https://security.netapp.com/advisory/ntap-20200103-0001/

Details

Source: MITRE

Published: 2019-11-25

Updated: 2020-01-03

Type: CWE-476

Risk Information

CVSS v2.0

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3.0

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from 5.0 to 5.4 (inclusive)

Tenable Plugins

View all (31 total)

IDNameProductFamilySeverity
145665CentOS 8 : kernel (CESA-2019:3517)NessusCentOS Local Security Checks
high
135813Scientific Linux Security Update : kernel on SL7.x x86_64 (20200407)NessusScientific Linux Local Security Checks
high
135316CentOS 7 : kernel (CESA-2020:1016)NessusCentOS Local Security Checks
high
135080RHEL 7 : kernel (RHSA-2020:1016)NessusRed Hat Local Security Checks
high
135078RHEL 7 : kernel-rt (RHSA-2020:1070)NessusRed Hat Local Security Checks
high
130950SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2950-1) (SACK Panic)NessusSuSE Local Security Checks
critical
130736EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2274)NessusHuawei Local Security Checks
critical
130663EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2201)NessusHuawei Local Security Checks
critical
130547RHEL 8 : kernel (RHSA-2019:3517)NessusRed Hat Local Security Checks
high
130526RHEL 8 : kernel-rt (RHSA-2019:3309)NessusRed Hat Local Security Checks
high
130163SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2738-1)NessusSuSE Local Security Checks
critical
129845SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2648-1)NessusSuSE Local Security Checks
critical
129841Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4820)NessusOracle Linux Local Security Checks
high
129677Ubuntu 18.04 LTS / 19.04 : linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, (USN-4147-1)NessusUbuntu Local Security Checks
high
129491Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-4145-1)NessusUbuntu Local Security Checks
critical
129157SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2424-1)NessusSuSE Local Security Checks
critical
129156SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2414-1)NessusSuSE Local Security Checks
critical
129154SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2412-1)NessusSuSE Local Security Checks
critical
128680Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel regression (USN-4115-2)NessusUbuntu Local Security Checks
critical
128542SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2299-1)NessusSuSE Local Security Checks
medium
128478Ubuntu 16.04 LTS / 18.04 LTS : linux-aws vulnerabilities (USN-4118-1)NessusUbuntu Local Security Checks
critical
128475Ubuntu 16.04 LTS / 18.04 LTS : linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, (USN-4115-1)NessusUbuntu Local Security Checks
critical
128470SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2263-1)NessusSuSE Local Security Checks
medium
128012openSUSE Security Update : the Linux Kernel (openSUSE-2019-1924)NessusSuSE Local Security Checks
medium
128011openSUSE Security Update : the Linux Kernel (openSUSE-2019-1923)NessusSuSE Local Security Checks
medium
127921Debian DLA-1885-1 : linux-4.9 security updateNessusDebian Local Security Checks
high
127882Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-226-01)NessusSlackware Local Security Checks
high
127867Debian DSA-4497-1 : linux - security updateNessusDebian Local Security Checks
high
127866Debian DLA-1884-1 : linux security updateNessusDebian Local Security Checks
high
127517Fedora 30 : kernel / kernel-headers / kernel-tools (2019-7aecfe1c4b)NessusFedora Local Security Checks
medium
127491Debian DSA-4495-1 : linux - security updateNessusDebian Local Security Checks
high