Allele Security Alert
ASA-2019-00640
Identifier(s)
ASA-2019-00640, CVE-2019-18810, CID-a0ecd6fdbf5d
Title
Memory leak in komeda_wb_connector_add()
Vendor(s)
Linux foundation
Product(s)
Linux kernel
Affected version(s)
Linux kernel upstream versions before 5.4
Linux kernel stable versions 5.3.x before 5.3.8
Fixed version(s)
Linux kernel upstream version 5.4
Linux kernel stable version 5.3.8
Linux kernel versions with the following commit applied:
drm/komeda: prevent memory leak in komeda_wb_connector_add
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0ecd6fdbf5d648123a7315c695fb6850d702835
Proof of concept
Unknown
Description
A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures.
Technical details
Unknown
Credits
Navid Emamdoost
Reference(s)
drm/komeda: prevent memory leak in komeda_wb_connector_add
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0ecd6fdbf5d648123a7315c695fb6850d702835
drm/komeda: prevent memory leak in komeda_wb_connector_add
https://github.com/torvalds/linux/commit/a0ecd6fdbf5d648123a7315c695fb6850d702835
Linux 5.4
https://lkml.org/lkml/2019/11/24/187
Linux 5.4
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4
Linux 5.4-rc2
https://lkml.org/lkml/2019/10/6/878
Linux 5.3.8
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8
https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18810.html
CVE-2019-18810 | SUSE
https://www.suse.com/security/cve/CVE-2019-18810
CVE-2019-18810
https://security-tracker.debian.org/tracker/CVE-2019-18810
CVE-2019-18810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18810
CVE-2019-18810
https://nvd.nist.gov/vuln/detail/CVE-2019-18810
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: November 25, 2019