How severe is CVE-2019-5108?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2019-5108?

This is classified as CWE-440, which is a common weakness in software security.

CVE-2019-5108

HIGH Year: 2019

CVSS v3 Score

7.4

High

CVSS v2 Score

3.3

Low

Weakness Type

CWE-440

View all →

Vulnerability Description

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.

CVE-2019-5061

HIGH

CVSS:7.4(High)

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has ...

CWE-4402019

CVE-2019-5062

HIGH

CVSS:7.4(High)

An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association,...

CWE-4402019

CVE-2022-3281

HIGH

CVSS:7.5(High)

WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote...

CWE-4402022

CVE-2023-32731

HIGH

CVSS:7.5(High)

When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of...

CWE-4402023

CVE-2024-6281

HIGH

CVSS:7.3(High)

A path traversal vulnerability exists in the `apply_settings` function of parisneo/lollms versions prior to 9.5.1. The `sanitize_path` function does not adequately secure the `discussion_db_name` para...

CWE-4402024

CVE-2024-30246

HIGH

CVSS:7.1(High)

Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly ...

CWE-4402024

CVE-2019-5108

Vulnerability Description

Related Vulnerabilities

CVE-2019-5061

CVE-2019-5062

CVE-2022-3281

CVE-2023-32731

CVE-2024-6281

CVE-2024-30246