vulnerability

Ubuntu: (CVE-2019-19049): linux-lts-xenial vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	Nov 18, 2019	Nov 19, 2024	Sep 5, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Nov 18, 2019

Added

Nov 19, 2024

Modified

Sep 5, 2025

Description

A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot

Solutions

ubuntu-upgrade-linux-awsubuntu-upgrade-linux-aws-fipsubuntu-upgrade-linux-azureubuntu-upgrade-linux-azure-fipsubuntu-upgrade-linux-fipsubuntu-upgrade-linux-lts-xenial

References

CVE-2019-19049
https://attackerkb.com/topics/CVE-2019-19049
CWE-401
URL-https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.10
URL-https://github.com/torvalds/linux/commit/e13de8fe0d6a51341671bbe384826d527afe8d44
URL-https://www.cve.org/CVERecord?id=CVE-2019-19049

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today