5.6

CVE-2019-7308

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.19.19
LinuxLinux Kernel Version >= 4.20.0 < 4.20.6
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version16.04 SwEditionlts
CanonicalUbuntu Linux Version18.04 SwEditionlts
CanonicalUbuntu Linux Version18.10
OpensuseLeap Version15.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.54% 0.412
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.6 1.1 4
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
nvd@nist.gov 4.7 3.4 6.9
AV:L/AC:M/Au:N/C:C/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://usn.ubuntu.com/3931-1/
Third Party Advisory
https://usn.ubuntu.com/3931-2/
Third Party Advisory
https://usn.ubuntu.com/3930-1/
Third Party Advisory
https://usn.ubuntu.com/3930-2/
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=979d63d50c0c0f7bc537bf821e056cc9fe5abd38
Patch
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d3bd7413e0ca40b60cf60d4003246d067cafdeda
Patch
Third Party Advisory
http://www.securityfocus.com/bid/106827
Third Party Advisory
VDB Entry
https://bugs.chromium.org/p/project-zero/issues/detail?id=1711
Patch
Third Party Advisory
Issue Tracking
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.6
Third Party Advisory
https://github.com/torvalds/linux/commit/979d63d50c0c0f7bc537bf821e056cc9fe5abd38
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/d3bd7413e0ca40b60cf60d4003246d067cafdeda
Patch
Third Party Advisory
https://support.f5.com/csp/article/K43030517
https://support.f5.com/csp/article/K43030517?utm_source=f5support&amp%3Butm_medium=RSS