CVE-2019-10207 — Vulnetix

Try Vulnetix Request Demo

CVE-2019-10207 PUBLISHED

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.

EPSS 0.70% · 71.9th percentile

Risk Scores

EPSS Score

0.70%

71.9th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:Pro:14.04:LTS	linux-lts-xenial	4.4.0-128.154~14.04.1, 4.4.0-148.174~14.04.1, 4.4.0-146.172~14.04.1
Ubuntu:18.04:LTS	linux-gke-5.0	0, 5.0.0-1011.11~18.04.1, 5.0.0-1015.15~18.04.1
Ubuntu:16.04:LTS	linux-raspi2	4.4.0-1044.51, 4.4.0-1103.111, 4.4.0-1104.112
Ubuntu:22.04:LTS	linux-intel-iot-realtime	0, 5.15.0-1073.75
Ubuntu:18.04:LTS	linux-oem-osp1	5.0.0-1015.16, 5.0.0-1012.13, 5.0.0-1010.11
Ubuntu:18.04:LTS	linux-gke-4.15	4.15.0-1034.36, 4.15.0-1036.38, 4.15.0-1037.39
Ubuntu:18.04:LTS	linux-snapdragon	4.4.0-1079.84, 4.15.0-1060.66, 4.15.0-1058.64
Ubuntu:18.04:LTS	linux-oracle	0, 4.15.0-1008.10, 4.15.0-1009.11
Ubuntu:16.04:LTS	linux-oracle	4.15.0-1021.23~16.04.1, 4.15.0-1018.20~16.04.1, 4.15.0-1017.19~16.04.2
Ubuntu:Pro:14.04:LTS	linux	3.13.0-29.53, 3.13.0-30.54, 3.13.0-30.55
Ubuntu:Pro:FIPS:18.04:LTS	linux-gcp-fips	0, 4.15.0-1001.1
Ubuntu:18.04:LTS	linux-oem	4.15.0-1013.16, 4.15.0-1012.15, 4.15.0-1009.12
Ubuntu:16.04:LTS	linux-kvm	4.4.0-1052.59, 0, 4.4.0-1004.9
Ubuntu:22.04:LTS	linux-realtime	0, 5.15.0-1032.35
Ubuntu:16.04:LTS	linux-hwe	4.13.0-39.44~16.04.1, 4.13.0-41.46~16.04.1, 4.13.0-43.48~16.04.1
Ubuntu:18.04:LTS	linux-aws	4.15.0-1043.45, 4.15.0-1041.43, 4.15.0-1040.42
Ubuntu:18.04:LTS	linux-kvm	0, 4.15.0-1039.39, 4.15.0-1038.38
Ubuntu:16.04:LTS	linux-aws-hwe	4.15.0-1045.47~16.04.1, 4.15.0-1044.46~16.04.1, 4.15.0-1043.45~16.04.1
Ubuntu:16.04:LTS	linux	4.4.0-108.131, 0, 4.2.0-16.19
Ubuntu:18.04:LTS	linux-gcp	4.15.0-1036.38, 4.15.0-1037.39, 4.15.0-1001.1

…and 18 more

Timeline

Jul 29, 2019 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 25, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Nov 1, 2022 EPSS Score
Feb 3, 2023 EPSS Score
Feb 13, 2023 EPSS Score
Mar 5, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2019-10207 third-party-advisory
https://www.openwall.com/lists/oss-security/2019/07/25/1 third-party-advisory
https://lore.kernel.org/linux-bluetooth/20190729122215.9948-1-vdronov@redhat.com/ third-party-advisory
https://ubuntu.com/security/notices/USN-4115-1 vendor-advisory
https://ubuntu.com/security/notices/USN-4118-1 vendor-advisory
https://ubuntu.com/security/notices/USN-4145-1 vendor-advisory
https://ubuntu.com/security/notices/USN-4147-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2019-10207 third-party-advisory

Open in Interactive Console →