CVE-2019-15504 - Double Free

Severity

99%

Complexity

99%

Confidentiality

165%

drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).

drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).

CVSS 3.0 Base Score 9.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Demo Examples

Double Free

CWE-415

Double Free

CWE-415

While contrived, this code should be exploitable on Linux distributions which do not ship with heap-chunk check summing turned on.


               
}
free(buf1R2);

Overview

First reported 5 years ago

2019-08-23 06:15:00

Last updated 5 years ago

2019-09-04 05:15:00

Affected Software

Linux Kernel

References

FEDORA-2019-97380355ae

FEDORA-2019-4c91a2f76e

https://lore.kernel.org/lkml/[email protected]/

Patch, Third Party Advisory

https://security.netapp.com/advisory/ntap-20190905-0002/

https://support.f5.com/csp/article/K33554143

https://support.f5.com/csp/article/K33554143?utm_source=f5support&utm_medium=RSS

USN-4157-1

USN-4157-2

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.