CVE-2019-12455

** DISPUTED ** An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because ?The memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to control it, and no denial of service.?.

Published : 2019-05-30 04:29 Updated : 2019-10-10 12:09

4.9
CVSS Score More info
Score 4.9 / 10
4.9
Vendor Product Version URI
Linux Linux Kernel 5.1.5 cpe:/o:linux:linux_kernel:5.1.5
  1. Linux (1) Search CVE
    1. Linux Kernel (1) Search CVE
      1. 5.1.5

CWE

ID Name Description Links
CWE-476 NULL Pointer Dereference A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. CVE

History of changes

Date Event
2019-07-10 12:15
2019-07-02 20:15
2019-06-10 03:29
2019-05-30 14:22
2019-05-30 04:29

New CVE