CVE-2019-11884

Low

3.3/10

Summary

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: LOW
Availability Impact: NONE

References

Advisory Timeline

Published May 10, 2019

CVE-2019-11884

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS