CVE-2019-10207: Null Pointer Dereference

Published Jul 29, 2019
·
Updated

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.

Other sources

A flaw was found in the Linux kernel’s Bluetooth implementation of UART. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.

A flaw was found in the Linux kernels bluetooth implementation of UART. A local attacker with write permissions to the bluetooth device can cause a system crash by issuing a specially crafted ioctl function call.

Terminal control operations set on this device node will end up attempting to jump to the null (0x0) page for instruction execution. The kernel code can attempt to execute code in a worker-thread context which does not have the null page mapped.

At this time it is understood to be a local denial of service and no privilege escalation is available.

Upstream submission: https://lore.kernel.org/linux-bluetooth/20190725120909.31235-1-vdronov@redhat.com/T/#u

Oss-security discussion: https://www.openwall.com/lists/oss-security/2019/07/25/1

Red Hat

Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in the hciuartsetflowcontrol function. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.

IBM

Affected Software

8 affected componentsFixes available
redhat/kernel-rt<0:3.10.0-1127.rt56.1093.el7
0:3.10.0-1127.rt56.1093.el7
redhat/kernel<0:3.10.0-1127.el7
0:3.10.0-1127.el7
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
0:4.18.0-147.el8
IBM Data Risk Manager<=2.0.6
Linux Linux kernel>=3.0<4.18.0
Linux Linux kernel>=5.0<=5.4
debian/linux
5.10.223-15.10.257-16.1.170-36.1.174-16.12.86-16.12.90-27.0.10-17.0.12-1

Remediation

Patch Available

https://git.kernel.org/linus/b3190df628617c7a4f188a9465aeabe1f5761933

Patch Available

https://git.kernel.org/linus/b36a1552d7319bbfd5cf7f08726c23c5c66d4f73

Patch Available

https://git.kernel.org/linus/118612fb91657f041f47d7a29d09e02a86a62ed7

Patch Available

https://git.kernel.org/linus/ff2895592f0fccc59332d5c7d4917ccbecd7468e

Patch Available

https://git.kernel.org/linus/162f812f23bab583f5d514ca0e4df67797ac9cdf

Patch Available

https://git.kernel.org/linus/fa9ad876b8e0ebd2b4367ef1580f89be64ebd5d3

Event History

Jul 29, 2019
Data Sourced
via Red Hat·05:52 AM
DescriptionSeverityAffected Software
CVE Published
01:00 PM
Nov 25, 2019
CVE Published
via MITRE·01:51 PM
Data Sourced
via MITRE·01:51 PM
DescriptionSeverityWeakness
Jan 11, 2024
Data Sourced
via Launchpad·11:12 PM
Description
May 23, 2026
Data Sourced
via Ubuntu·09:46 AM
RemedyDescriptionSeverityAffected Software
Jun 10, 2026
Data Sourced
via Debian·10:03 AM
DescriptionAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2019-10207?

CVE-2019-10207 is classified as a high severity vulnerability in the Linux kernel's Bluetooth implementation.

2

How do I fix CVE-2019-10207?

To fix CVE-2019-10207, upgrade to kernel versions 4.18.0 or later, or to specific patched versions provided by your Linux distribution.

3

What kind of access is required to exploit CVE-2019-10207?

An attacker needs local access and write permissions to the Bluetooth hardware to exploit CVE-2019-10207.

4

Which Linux kernel versions are affected by CVE-2019-10207?

CVE-2019-10207 affects all Linux kernel versions from 3.x.x before 4.18.0 and 5.x.x up to 5.4.

5

Is CVE-2019-10207 specific to any distribution?

While CVE-2019-10207 affects the general Linux kernel, specific distributions like Red Hat and Debian have their own patched releases available.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203