Executive Summary

Informations
NameCVE-2019-11599First vendor Publication2019-04-29
VendorCveLast vendor Modification2019-05-28

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score6.9Attack RangeLocal
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score3.4AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11599

CWE : Common Weakness Enumeration

%idName
100 %CWE-362Race Condition

CPE : Common Platform Enumeration

TypeDescriptionCount
Os2988

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/108113
BUGTRAQ https://seclists.org/bugtraq/2019/Jul/33
https://seclists.org/bugtraq/2019/Jun/26
CONFIRM https://security.netapp.com/advisory/ntap-20190517-0002/
https://support.f5.com/csp/article/K51674118
https://support.f5.com/csp/article/K51674118?utm_source=f5support&utm...
DEBIAN https://www.debian.org/security/2019/dsa-4465
EXPLOIT-DB https://www.exploit-db.com/exploits/46781/
MISC http://packetstormsecurity.com/files/152663/Linux-Missing-Lockdown.html
http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slack...
https://bugs.chromium.org/p/project-zero/issues/detail?id=1790
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04...
https://github.com/torvalds/linux/commit/04f5866e41fb70690e28397487d8bd8eea7d...
MLIST http://www.openwall.com/lists/oss-security/2019/04/29/1
http://www.openwall.com/lists/oss-security/2019/04/29/2
http://www.openwall.com/lists/oss-security/2019/04/30/1
https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html
https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html
https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html
REDHAT https://access.redhat.com/errata/RHSA-2019:2029
https://access.redhat.com/errata/RHSA-2019:2043
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html
UBUNTU https://usn.ubuntu.com/4069-1/
https://usn.ubuntu.com/4069-2/
https://usn.ubuntu.com/4095-1/
https://usn.ubuntu.com/4115-1/
https://usn.ubuntu.com/4118-1/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
DateInformations
2019-10-10 12:11:08
  • Multiple Updates
2019-09-12 12:10:54
  • Multiple Updates
2019-09-03 12:03:28
  • Multiple Updates
2019-08-14 12:10:31
  • Multiple Updates
2019-08-07 12:10:27
  • Multiple Updates
2019-08-06 12:03:44
  • Multiple Updates
2019-08-02 12:10:27
  • Multiple Updates
2019-07-26 12:02:37
  • Multiple Updates
2019-07-24 12:05:05
  • Multiple Updates
2019-07-23 12:02:13
  • Multiple Updates
2019-07-21 12:01:15
  • Multiple Updates
2019-07-20 12:03:33
  • Multiple Updates
2019-07-17 12:10:55
  • Multiple Updates
2019-07-02 15:40:01
  • Multiple Updates
2019-06-19 12:10:03
  • Multiple Updates
2019-06-18 12:09:52
  • Multiple Updates
2019-06-15 12:10:33
  • Multiple Updates
2019-05-29 00:18:57
  • Multiple Updates
2019-05-17 17:19:35
  • Multiple Updates
2019-05-11 00:19:02
  • Multiple Updates
2019-05-03 21:19:27
  • Multiple Updates
2019-05-01 13:19:06
  • Multiple Updates
2019-05-01 00:19:05
  • Multiple Updates
2019-04-30 17:19:15
  • Multiple Updates
2019-04-30 09:19:26
  • Multiple Updates
2019-04-30 05:19:23
  • Multiple Updates
2019-04-30 00:18:57
  • First insertion