[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

Use-after free vulnerability in sockfs_setattr in linux - CVE-2019-8912

Deprecated
ID: oval:org.secpod.oval:def:50966Date: (C)2019-02-25   (M)2024-04-17
Class: VULNERABILITYFamily: unix




In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

Platform:
Debian 8.x
Debian 9.x
Product:
linux-image-4.9
linux-image-3.16
Reference:
CVE-2019-8912
CVE    1
CVE-2019-8912
CPE    4
cpe:/a:linux:linux_image:3.16
cpe:/a:linux:linux_image:4.9
cpe:/o:debian:debian_linux:8.x
cpe:/o:debian:debian_linux:9.x
...

© SecPod Technologies