Unrated severityNVD Advisory· Published Nov 4, 2019· Updated Aug 5, 2024
CVE-2019-18680
CVE-2019-18680
Description
An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0.
Affected products
51- Linux/Linux kerneldescription
- osv-coords50 versionspkg:rpm/suse/kernel-default&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/kernel-default&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/kernel-source&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/kernel-source&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/kernel-syms&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/kernel-syms&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_32&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_32&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_33&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_33&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_33&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_28&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_28&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_29&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_29&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_30&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_30&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_30&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_30&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_30&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_30&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
< 4.4.180-94.113.1+ 49 more
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.121-92.125.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 4.4.180-94.113.1
- (no CPE)range: < 9-2.2
- (no CPE)range: < 9-2.2
- (no CPE)range: < 1-3.5.1
- (no CPE)range: < 1-3.5.1
- (no CPE)range: < 1-3.5.1
- (no CPE)range: < 9-2.2
- (no CPE)range: < 9-2.2
- (no CPE)range: < 7-2.2
- (no CPE)range: < 7-2.2
- (no CPE)range: < 1-4.5.1
- (no CPE)range: < 1-4.5.1
- (no CPE)range: < 1-4.5.1
- (no CPE)range: < 1-4.5.1
- (no CPE)range: < 1-4.5.1
- (no CPE)range: < 1-4.5.1
Patches
191573ae4aed0net: rds: Fix NULL ptr use in rds_tcp_kill_sock
1 file changed · +5 −3
net/rds/tcp.c+5 −3 modified@@ -352,9 +352,11 @@ static void rds_tcp_kill_sock(struct net *net) } spin_unlock_irq(&rds_tcp_conn_lock); list_for_each_entry_safe(tc, _tc, &tmp_list, t_tcp_node) { - sk = tc->t_sock->sk; - sk->sk_prot->disconnect(sk, 0); - tcp_done(sk); + if (tc->t_sock) { + sk = tc->t_sock->sk; + sk->sk_prot->disconnect(sk, 0); + tcp_done(sk); + } if (tc->conn->c_passive) rds_conn_destroy(tc->conn->c_passive); rds_conn_destroy(tc->conn);
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.195mitrex_refsource_MISC
- git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/mitrex_refsource_MISC
- github.com/torvalds/linux/commit/91573ae4aed0a49660abdad4d42f2a0db995ee5emitrex_refsource_MISC
- lkml.org/lkml/2019/9/18/337mitrex_refsource_MISC
- security.netapp.com/advisory/ntap-20191205-0001/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.