CVE-2019-18813

Updated: 2023-12-06

CWE: Uncontrolled Resource Consumption

Description:

A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.

CVSS3: 7.5


Vendor State

OS Vendor version Errata
Ubuntu 18.04 HWE 5.3.0-26.28~18.04.1 USN-4225-2
Ubuntu 19.04 5.0.0-38.41 USN-4226-1
Ubuntu 18.04 Azure 5.0.0-1028.30~18.04.1 USN-4226-1
Ubuntu 19.10 5.3.0-26.28 USN-4225-1
Ubuntu 18.04 Azure Eoan 5.3.0-1009.10~18.04.1 USN-4225-1

KernelCare State

OS Original kernel version State
Ubuntu 18.04 HWE
Ready For Release
Ubuntu 18.04 GCP
5.0.0-1020.20~18.04.1 show all hide all
5.0.0-1021.21~18.04.1 5.0.0-1025.26~18.04.1 5.0.0-1026.27~18.04.1
Released
Debian 10
4.19.67-2+deb10u1 show all hide all
4.19.37-5 4.19.37-5+deb10u2 4.19.67-2+deb10u2 4.19.67-2 4.19.37-5+deb10u1
Released
Proxmox VE 6
5.0.12-1-pve_5.0.12-1 show all hide all
5.0.18-1-pve_5.0.18-1 5.0.21-1-pve_5.0.21-1 5.0.21-2-pve_5.0.21-6 5.0.21-3-pve_5.0.21-7 5.0.8-1-pve_5.0.8-1 5.0.8-2-pve_5.0.8-2 5.0.21-4-pve_5.0.21-8 5.0.21-1-pve_5.0.21-2 5.0.21-5-pve_5.0.21-10 5.0.18-1-pve_5.0.18-3 5.0.15-1-pve_5.0.15-1 5.0.18-1-pve_5.0.18-2 5.0.21-2-pve_5.0.21-3 5.0.21-4-pve_5.0.21-9 5.0.21-2-pve_5.0.21-4
Released
Ubuntu 19.04
Ready For Release
Ubuntu 18.04 Azure
5.0.0-1020.21~18.04.1 show all hide all
5.0.0-1022.23~18.04.1 5.0.0-1018.19~18.04.1 5.0.0-1023.24~18.04.1 5.0.0-1016.17~18.04.1 5.0.0-1019.20~18.04.1 5.0.0-1021.22~18.04.1 5.0.0-1027.29~18.04.1 5.0.0-1025.27~18.04.1 5.0.0-1014.14~18.04.1
Released
Debian 10 cloud
4.19.67-2+deb10u2 show all hide all
4.19.28-2_bpo9+1
Released
Debian 9 backports
4.19.67-2+deb10u2~bpo9+1
Released
Ubuntu 19.10
Will Not Fix
Ubuntu 18.04 Azure Eoan
Will Not Fix