CVE-2019-3819 MEDIUM

CVE-2019-3819

Vendor The Linux Foundation

Product kernel:

Weakness CWE-835

Published January 25, 2019

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

4.2/10

Attack vector Local

Attack complexity Low

Privileges required High

User interaction Required

Confidentiality None

Integrity None

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up and a denial of service. Versions from v4.18 and newer are vulnerable.

Key dates

02Disclosure timeline

January 25, 2019 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-3819 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/835.html

Related vulnerabilities

04Related CVE

CVE-2021-37621 Denial of service due to infinite loop in Image::printIFDStructure CVE-2026-21507 iccDEV is Vulnerable to Denial of Service via Infinite Loop in CalcProfileID() CVE-2026-39934 Growth Experiments ReassignMenteesJob runs as an infinite loop CVE-2024-23352 Loop with Unreachable Exit Condition (`Infinite Loop`) in Multi Mode Call Processor CVE-2021-39194 Denial of service while parsing polymorphic input with tagged polymorphism style in kaml