What is CVE-2019-5108?

CVE-2019-5108 is a high-severity vulnerability in Linux Kernel, classified under Expected Behavior Violation. CVSS score: 7.4/10. Published 2019-12-23.

How severe is CVE-2019-5108?

High severity. CVSS v3 base score is 7.4 out of 10.

Vulnerability in Linux Kernel

CVE-2019-5108

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication pr…

EPSS: 0.008 (73.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.4 (High). Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

N/a Linux Kernel — versions Linux 4.14.98-v7+

Weakness classification (CWE)

CWE-440 — Expected Behavior Violation

References

USN-4285-1 (vendor-advisory, x_refsource_UBUNTU)
USN-4287-1 (vendor-advisory, x_refsource_UBUNTU)
USN-4286-2 (vendor-advisory, x_refsource_UBUNTU)
USN-4287-2 (vendor-advisory, x_refsource_UBUNTU)
USN-4286-1 (vendor-advisory, x_refsource_UBUNTU)
[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update (mailing-list, x_refsource_MLIST)
[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update (mailing-list, x_refsource_MLIST)
[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update (mailing-list, x_refsource_MLIST)
DSA-4698 (vendor-advisory, x_refsource_DEBIAN)
www.oracle.com/security-alerts/cpuApr2021.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-5108?: CVE-2019-5108 is a high-severity vulnerability in Linux Kernel, classified under Expected Behavior Violation. CVSS score: 7.4/10. Published 2019-12-23.
How severe is CVE-2019-5108?: High severity. CVSS v3 base score is 7.4 out of 10.