[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2019-11815Date: (C)2019-05-16   (M)2024-04-19


An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 8.1CVSS Score : 9.3
Exploit Score: 2.2Exploit Score: 8.6
Impact Score: 5.9Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: HIGHAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: UNCHANGEDIntegrity: COMPLETE
Confidentiality: HIGHAvailability: COMPLETE
Integrity: HIGH 
Availability: HIGH 
  
Reference:
BID-108283
https://seclists.org/bugtraq/2019/Jun/26
DSA-4465
USN-4005-1
USN-4008-1
USN-4008-3
USN-4068-1
USN-4068-2
USN-4118-1
https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html
http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Security-Notice-LSN-0053-1.html
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb66ddd156203daefb8d71158036b27b0e2caf63
https://github.com/torvalds/linux/commit/cb66ddd156203daefb8d71158036b27b0e2caf63
https://security.netapp.com/advisory/ntap-20190719-0003/
https://support.f5.com/csp/article/K32019083
openSUSE-SU-2019:1404
openSUSE-SU-2019:1407
openSUSE-SU-2019:1479

CPE    4
cpe:/o:debian:debian_linux:9.0
cpe:/o:linux:linux_kernel
cpe:/o:debian:debian_linux:8.0
cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~
...
CWE    1
CWE-362
OVAL    27
oval:org.secpod.oval:def:603945
oval:org.secpod.oval:def:1502540
oval:org.secpod.oval:def:89003381
oval:org.secpod.oval:def:89050918
...

© SecPod Technologies