7.8
CVE-2019-11487
- EPSS 0.71%
- Veröffentlicht 23.04.2019 22:29:05
- Zuletzt bearbeitet 21.11.2024 04:21:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 4.4.216
Linux ≫ Linux Kernel Version >= 4.5 < 4.9.181
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.116
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.39
Linux ≫ Linux Kernel Version >= 4.20 < 5.0.12
Linux ≫ Linux Kernel Version5.1 Updaterc1
Linux ≫ Linux Kernel Version5.1 Updaterc2
Linux ≫ Linux Kernel Version5.1 Updaterc3
Linux ≫ Linux Kernel Version5.1 Updaterc4
Debian ≫ Debian Linux Version8.0
Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version19.04
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.71% | 0.486 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://usn.ubuntu.com/4118-1/
https://access.redhat.com/errata/RHSA-2020:0174
https://access.redhat.com/errata/RHSA-2019:2703
https://usn.ubuntu.com/4115-1/
https://access.redhat.com/errata/RHSA-2019:2741
https://security.netapp.com/advisory/ntap-20190517-0005/
http://www.openwall.com/lists/oss-security/2019/04/29/1
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html
http://www.securityfocus.com/bid/108054
https://bugs.chromium.org/p/project-zero/issues/detail?id=1752
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=15fab63e1e57be9fdb5eec1bbc5916e9825e9acb
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b3a707736301c2128ca85ce85fb13f60b5e350a
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=88b1a17dfc3ed7728316478fae0f5ad508f50397
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fde12ca79aff9b5ba951fce1a2641901b8d8e64
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f958d7b528b1b40c44cfda5eabe2d82760d868c3
https://github.com/torvalds/linux/commit/15fab63e1e57be9fdb5eec1bbc5916e9825e9acb
https://github.com/torvalds/linux/commit/6b3a707736301c2128ca85ce85fb13f60b5e350a
https://github.com/torvalds/linux/commit/88b1a17dfc3ed7728316478fae0f5ad508f50397
https://github.com/torvalds/linux/commit/8fde12ca79aff9b5ba951fce1a2641901b8d8e64
https://github.com/torvalds/linux/commit/f958d7b528b1b40c44cfda5eabe2d82760d868c3
https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html
https://lwn.net/Articles/786044/
https://support.f5.com/csp/article/K14255532
https://usn.ubuntu.com/4069-1/
https://usn.ubuntu.com/4069-2/
https://usn.ubuntu.com/4145-1/