Bug 1775004 (CVE-2019-19051) - CVE-2019-19051 kernel: dos in i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c
Summary: CVE-2019-19051 kernel: dos in i2400m_op_rfkill_sw_toggle() function in driver...
Alias: CVE-2019-19051
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 1775005
Blocks: 1775039
TreeView+ depends on / blocked
Reported: 2019-11-21 11:17 UTC by Dhananjay Arunesh
Modified: 2023-03-24 16:08 UTC (History)
48 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the way the Linux kernel's WiMAX i2400 driver handled memory release in certain error codes path in the RF kill switch control function. A local attacker able to control the device could use this flaw to crash the system.
Clone Of:
Last Closed: 2020-02-25 14:45:47 UTC

Attachments (Terms of Use)

Description Dhananjay Arunesh 2019-11-21 11:17:18 UTC
A vulnerability was found in Linux Kernel where, a memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c allows attackers to cause a denial of service (memory consumption).


Comment 1 Dhananjay Arunesh 2019-11-21 11:17:51 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1775005]

Comment 2 Justin M. Forbes 2019-11-21 17:34:14 UTC
This was fixed for Fedora with the 5.3.11 stable kernel update.

Comment 3 Petr Matousek 2020-02-25 14:43:42 UTC

As the i2400m module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:

# echo "install i2400m /bin/true" >> /etc/modprobe.d/disable-i2400m.conf

The system will need to be restarted if the i2400m module is already loaded. In most circumstances, the i2400m kernel module will be unable to be unloaded while the device is in use. If the system requires this module to work correctly, this mitigation may not be suitable. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.

Note You need to log in before you can comment on or make changes to this bug.