Unrated severityNVD Advisory· Published May 28, 2019· Updated Aug 4, 2024

CVE-2019-12380

Description

DISPUTED An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because “All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”.

Affected products

Linux/Linux kerneldescription
osv-coords83 versions
pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/kernel-vanilla&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/kernel-vanilla&distro=openSUSE%20Leap%2015.1 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015 pkg:rpm/suse/kernel-default&distro=SUSE%20Enterprise%20Storage%204 pkg:rpm/suse/kernel-default&distro=SUSE%20Enterprise%20Storage%205 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015 pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%207 pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%208 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015 pkg:rpm/suse/kernel-livepatch-SLE15_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP4 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP1 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP4 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP1 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015 pkg:rpm/suse/kernel-source&distro=SUSE%20Enterprise%20Storage%204 pkg:rpm/suse/kernel-source&distro=SUSE%20Enterprise%20Storage%205 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%207 pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%208 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP4 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP1 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015 pkg:rpm/suse/kernel-syms&distro=SUSE%20Enterprise%20Storage%204 pkg:rpm/suse/kernel-syms&distro=SUSE%20Enterprise%20Storage%205 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%207 pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%208 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP4 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP1 pkg:rpm/suse/kernel-vanilla&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_31&distro=SUSE%20Enterprise%20Storage%204 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_31&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_31&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_31&distro=SUSE%20OpenStack%20Cloud%207 pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_27&distro=SUSE%20Enterprise%20Storage%205 pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_27&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3 pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_27&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_27&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_27&distro=SUSE%20OpenStack%20Cloud%208
< 4.12.14-lp150.12.64.1+ 82 more
- (no CPE)range: < 4.12.14-lp150.12.64.1
- (no CPE)range: < 4.12.14-lp151.28.7.1
- (no CPE)range: < 4.12.14-lp150.12.64.1
- (no CPE)range: < 4.12.14-lp151.28.7.1
- (no CPE)range: < 4.12.14-lp150.12.64.1
- (no CPE)range: < 4.12.14-lp151.28.7.1
- (no CPE)range: < 4.12.14-lp150.12.64.1
- (no CPE)range: < 4.12.14-lp151.28.7.1
- (no CPE)range: < 4.12.14-lp150.12.64.1
- (no CPE)range: < 4.12.14-lp151.28.7.1
- (no CPE)range: < 4.12.14-lp150.12.64.1
- (no CPE)range: < 4.12.14-lp151.28.7.1
- (no CPE)range: < 4.12.14-lp150.12.64.1
- (no CPE)range: < 4.12.14-lp151.28.7.1
- (no CPE)range: < 4.12.14-lp150.12.64.1
- (no CPE)range: < 4.12.14-lp151.28.7.1
- (no CPE)range: < 4.12.14-lp150.12.64.1
- (no CPE)range: < 4.12.14-lp151.28.7.1
- (no CPE)range: < 4.12.14-5.33.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 1-1.5.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.12.14-8.3.1
- (no CPE)range: < 4.12.14-14.8.1
- (no CPE)range: < 4.12.14-8.3.1
- (no CPE)range: < 4.12.14-14.8.1
- (no CPE)range: < 4.12.14-5.33.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.12.14-8.3.1
- (no CPE)range: < 4.12.14-14.8.1
- (no CPE)range: < 4.12.14-5.33.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.4.121-92.117.1
- (no CPE)range: < 4.4.180-94.100.1
- (no CPE)range: < 4.12.14-8.3.1
- (no CPE)range: < 4.12.14-14.8.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 4.12.14-150.27.1
- (no CPE)range: < 1-3.3.1
- (no CPE)range: < 1-3.3.1
- (no CPE)range: < 1-3.3.1
- (no CPE)range: < 1-3.3.1
- (no CPE)range: < 1-4.3.1
- (no CPE)range: < 1-4.3.1
- (no CPE)range: < 1-4.3.1
- (no CPE)range: < 1-4.3.1
- (no CPE)range: < 1-4.3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.htmlmitrevendor-advisoryx_refsource_SUSE
lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.htmlmitrevendor-advisoryx_refsource_SUSE
lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.htmlmitrevendor-advisoryx_refsource_SUSE
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/mitrevendor-advisoryx_refsource_FEDORA
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/mitrevendor-advisoryx_refsource_FEDORA
usn.ubuntu.com/4414-1/mitrevendor-advisoryx_refsource_UBUNTU
usn.ubuntu.com/4427-1/mitrevendor-advisoryx_refsource_UBUNTU
usn.ubuntu.com/4439-1/mitrevendor-advisoryx_refsource_UBUNTU
www.securityfocus.com/bid/108477mitrevdb-entryx_refsource_BID
git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/mitrex_refsource_MISC
security.netapp.com/advisory/ntap-20190710-0002/mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000