7

CVE-2019-12817

arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CanonicalUbuntu Linux Version18.04 SwEditionlts
CanonicalUbuntu Linux Version18.10
CanonicalUbuntu Linux Version19.04
LinuxLinux Kernel Version < 5.1.15
FedoraprojectFedora Version29
FedoraprojectFedora Version30
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
OpensuseLeap Version15.1
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Eus Version8.1
RedhatEnterprise Linux Eus Version8.2
RedhatEnterprise Linux Eus Version8.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.302
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7 1 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://access.redhat.com/errata/RHSA-2019:2703
Third Party Advisory
https://seclists.org/bugtraq/2019/Aug/13
Third Party Advisory
Mailing List
https://www.debian.org/security/2019/dsa-4495
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2019/06/24/5
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/108884
Broken Link
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.15
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ca72d88378b2f2444d3ec145dd442d449d3fefbc
Patch
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OTLN3KQYEEWWAJYA4BUYYDMWWXCJQNV2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSKLL2374YGFQR6LSVCFGTTCRGBTLAWZ/
https://support.f5.com/csp/article/K12876166
Third Party Advisory
https://support.f5.com/csp/article/K12876166?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4031-1/
Third Party Advisory