VDB
CVE-2019-16230
CVE-2019-16230
PUBLISHED
drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer states that the work queue allocation is happening during device initialization, which for a graphics card occurs during boot. It is not attacker controllable and OOM at that time is highly unlikely
EPSS 0.07% · 20.5th percentile
Risk Scores
EPSS Score
0.07%
20.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:16.04:LTS | linux-azure | 4.15.0-1191.206~16.04.1, 4.11.0-1013.13, 4.11.0-1011.11 |
| Ubuntu:20.04:LTS | linux-gcp-5.8 | 5.8.0-1032.34~20.04.1, 5.8.0-1035.37~20.04.1, 5.8.0-1038.40~20.04.1 |
| Ubuntu:18.04:LTS | linux-aws-5.3 | *, 5.3.0-1035.37, 5.3.0-1034.36 |
| Ubuntu:Pro:16.04:LTS | linux-gcp | *, *, 4.13.0-1006.9 |
| Ubuntu:18.04:LTS | linux-hwe | 5.3.0-51.44~18.04.2, 5.3.0-53.47~18.04.1, * |
| Ubuntu:Pro:16.04:LTS | linux-aws-hwe | 4.15.0-1151.164~16.04.1, 4.15.0-1148.160~16.04.1, 4.15.0-1147.159~16.04.1 |
| Ubuntu:20.04:LTS | linux-oracle-5.8 | 5.8.0-1038.39~20.04.1, *, 0 |
| Ubuntu:18.04:LTS | linux-hwe-edge | 5.0.0-20.21~18.04.1, 5.3.0-19.20~18.04.2, 5.3.0-22.24~18.04.1 |
| Ubuntu:18.04:LTS | linux-gcp | 4.15.0-1018.19, 4.15.0-1037.39, 4.15.0-1034.36 |
| Ubuntu:18.04:LTS | linux-gcp-5.3 | 5.3.0-1026.28~18.04.1, *, * |
| Ubuntu:Pro:14.04:LTS | linux-aws | 4.4.0-1117.123, 4.4.0-1118.124, 4.4.0-1119.125 |
| Ubuntu:18.04:LTS | linux-gcp-edge | *, *, * |
| Ubuntu:Pro:14.04:LTS | linux-azure | 4.15.0-1192.207~14.04.1, *, * |
| Ubuntu:20.04:LTS | linux-azure-5.8 | 5.8.0-1042.45~20.04.1, 5.8.0-1043.46~20.04.1, * |
| Ubuntu:18.04:LTS | linux-oracle-5.3 | 5.3.0-1013.14~18.04.1, *, 5.3.0-1027.29~18.04.1 |
| Ubuntu:20.04:LTS | linux-riscv-5.8 | 5.8.0-29.31~20.04.1, *, 5.8.0-25.27~20.04.1 |
| Ubuntu:20.04:LTS | linux-oem-5.6 | 5.6.0-1035.37, 0, 5.6.0-1017.17 |
| Ubuntu:18.04:LTS | linux-oem | 4.15.0-1097.107, 4.15.0-1038.43, 4.15.0-1035.40 |
| Ubuntu:20.04:LTS | linux-intel-5.13 | 5.13.0-1010.10, 5.13.0-1017.19, 5.13.0-1014.15 |
| Ubuntu:Pro:16.04:LTS | linux-aws | 4.4.0-1039.48, 4.4.0-1030.39, 4.4.0-1060.69 |
…and 17 more
Exploit Intelligence
Timeline
- Sep 11, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-16230 third-party-advisory
- https://lkml.org/lkml/2019/9/9/487 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-16230 third-party-advisory