Use-after-free vulnerability in Linux kernel before 5.0.7 allows for Denial of Service

Use-after-free vulnerability in Linux kernel before 5.0.7 allows for Denial of Service

CVE-2019-11810 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.