Unchecked kmalloc in ip_ra_control leading to potential denial of service

Unchecked kmalloc in ip_ra_control leading to potential denial of service

CVE-2019-12381 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.