{"api_version":"1","generated_at":"2026-04-23T02:57:55+00:00","cve":"CVE-2019-10207","urls":{"html":"https://cve.report/CVE-2019-10207","api":"https://cve.report/api/cve/CVE-2019-10207.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-10207","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-10207"},"summary":{"title":"CVE-2019-10207","description":"A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2019-11-25 14:15:00","updated_at":"2023-02-12 23:33:00"},"problem_types":["CWE-476"],"metrics":[],"references":[{"url":"https://access.redhat.com/errata/RHSA-2020:1070","name":"https://access.redhat.com/errata/RHSA-2020:1070","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:3309","name":"https://access.redhat.com/errata/RHSA-2019:3309","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:3517","name":"https://access.redhat.com/errata/RHSA-2019:3517","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2020:1016","name":"https://access.redhat.com/errata/RHSA-2020:1016","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1733874","name":"https://bugzilla.redhat.com/show_bug.cgi?id=1733874","refsource":"MISC","tags":[],"title":"1733874 – (CVE-2019-10207) CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20200103-0001/","name":"https://security.netapp.com/advisory/ntap-20200103-0001/","refsource":"CONFIRM","tags":[],"title":"December 2019 Linux Kernel Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10207","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10207","refsource":"CONFIRM","tags":["Issue Tracking","Third Party Advisory"],"title":"1733874 – (CVE-2019-10207) CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2019-10207","name":"https://access.redhat.com/security/cve/CVE-2019-10207","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-10207","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10207","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"10207","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"10207","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"10207","vulnerable":"1","versionEndIncluding":"5.4","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2019-10207","qid":"159453","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9534)"},{"cve":"CVE-2019-10207","qid":"390250","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0036)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2019-10207","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-476","cweId":"CWE-476"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Red Hat","product":{"product_data":[{"product_name":"kernel","version":{"version_data":[{"version_affected":"=","version_value":"all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x"}]}}]}}]}},"references":{"reference_data":[{"url":"https://security.netapp.com/advisory/ntap-20200103-0001/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20200103-0001/"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10207","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10207"}]},"impact":{"cvss":[{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":4.7,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.0"}]}},"nvd":{"publishedDate":"2019-11-25 14:15:00","lastModifiedDate":"2023-02-12 23:33:00","problem_types":["CWE-476"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:P","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0","versionEndIncluding":"5.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"4.18.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"10207","Ordinal":"148424","Title":"CVE-2019-10207","CVE":"CVE-2019-10207","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"10207","Ordinal":"1","NoteData":"A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"10207","Ordinal":"2","NoteData":"2019-11-25","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"10207","Ordinal":"3","NoteData":"2020-01-03","Type":"Other","Title":"Modified"}]}}}