How severe is CVE-2019-15902?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.6 out of 10.

What type of vulnerability is CVE-2019-15902?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2019-15902

MEDIUM Year: 2019

CVSS v3 Score

5.6

Medium

CVSS v2 Score

4.7

Medium

Weakness Type

CWE-200

View all →

Vulnerability Description

A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.

CVE-2003-20001

MEDIUM

CVSS:5.6(Medium)

An issue was discovered on Mitel ICP VoIP 3100 devices. When a remote user attempts to log in via TELNET during the login wait time and an external call comes in, the system incorrectly divulges infor...

CWE-2002003

CVE-2017-5754

MEDIUM

CVSS:5.6(Medium)

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel an...

CWE-2002017

CVE-2018-10472

MEDIUM

CVSS:5.6(Medium)

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying...

CWE-2002018

CVE-2018-12126

MEDIUM

CVSS:5.6(Medium)

Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosur...

CWE-2002018

CVE-2018-12127

MEDIUM

CVSS:5.6(Medium)

Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via ...

CWE-2002018

CVE-2018-12130

MEDIUM

CVSS:5.6(Medium)

Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure ...

CWE-2002018

CVE-2019-15902

Vulnerability Description

Related Vulnerabilities

CVE-2003-20001

CVE-2017-5754

CVE-2018-10472

CVE-2018-12126

CVE-2018-12127

CVE-2018-12130