CVE-2019-11884 : The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.

Published 2019-05-10 22:29:01

Updated 2023-03-03 20:53:39

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2019-11884

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 8.1
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 8.6
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 8.6
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Real Time » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 8.6
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Real Time For Nfv Tus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Real Time For Nfv Tus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Real Time For Nfv Tus » Version: 8.6
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Real Time Tus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Real Time Tus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Real Time Tus » Version: 8.6
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions before (<) 5.0.15
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 19.04
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 28
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 29
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 30
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 42.3
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 15.0
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 15.1
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-11884

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 22 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-11884

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
3.3	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	1.8	1.4	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

References for CVE-2019-11884

https://access.redhat.com/errata/RHSA-2020:0740

RHSA-2020:0740 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.15

Release Notes;Vendor Advisory
https://usn.ubuntu.com/4118-1/

USN-4118-1: Linux kernel (AWS) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html

[SECURITY] [DLA 1824-1] linux-4.9 security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KPWHQHNM2MSGO3FDJVIQXQNKYVR7TV45/

[SECURITY] Fedora 28 Update: kernel-5.0.16-100.fc28 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3517

RHSA-2019:3517 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://seclists.org/bugtraq/2019/Jun/26

Bugtraq: [SECURITY] [DSA 4465-1] linux security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAYXGGJUUYPOMCBZGGDCUZFLUU3JOZG5/

[SECURITY] Fedora 30 Update: kernel-headers-5.0.16-300.fc30 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html

[security-announce] openSUSE-SU-2019:1407-1: important: Security update
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html

[security-announce] openSUSE-SU-2019:1404-1: important: Security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF2PDXUGOFEOTPVEACKFIHQB6O4XUIZD/

[SECURITY] Fedora 29 Update: kernel-headers-5.0.16-200.fc29 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
https://www.debian.org/security/2019/dsa-4465

Debian -- Security Information -- DSA-4465-1 linux
Third Party Advisory

CVEs referencing this url
https://usn.ubuntu.com/4068-2/

USN-4068-2: Linux kernel (HWE) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html

[SECURITY] [DLA 1823-1] linux security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://usn.ubuntu.com/4068-1/

USN-4068-1: Linux kernel vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html

[security-announce] openSUSE-SU-2019:1479-1: important: Security update
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/108299

Linux Kernel 'net/bluetooth/hidp/sock.c' Local Information Disclosure Vulnerability
Broken Link;Third Party Advisory;VDB Entry
https://usn.ubuntu.com/4076-1/

USN-4076-1: Linux kernel vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://usn.ubuntu.com/4069-2/

USN-4069-2: Linux kernel (HWE) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2019:3309

RHSA-2019:3309 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1616a5ac99ede5d605047a9012481ce7ff18b16

kernel/git/torvalds/linux.git - Linux kernel source tree
Patch;Vendor Advisory
https://github.com/torvalds/linux/commit/a1616a5ac99ede5d605047a9012481ce7ff18b16

Bluetooth: hidp: fix buffer overflow · torvalds/linux@a1616a5 · GitHub
Patch;Vendor Advisory
https://usn.ubuntu.com/4069-1/

USN-4069-1: Linux kernel vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2019-11884

Products affected by CVE-2019-11884

Exploit prediction scoring system (EPSS) score for CVE-2019-11884

CVSS scores for CVE-2019-11884

References for CVE-2019-11884