Executive Summary

Informations
Name CVE-2019-13233 First vendor Publication 2019-07-04
Vendor Cve Last vendor Modification 2019-07-20

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 7
Base Score 7 Environmental Score 7
impact SubScore 5.9 Temporal Score 7
Exploitabality Sub Score 1
 
Attack Vector Local Attack Complexity High
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.4 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13233

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-416 Use After Free
50 % CWE-362 Race Condition

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 3298

Sources (Detail)

Source Url
BUGTRAQ https://seclists.org/bugtraq/2019/Aug/13
CONFIRM https://security.netapp.com/advisory/ntap-20190806-0001/
https://support.f5.com/csp/article/K13331647?utm_source=f5support&utm...
DEBIAN https://www.debian.org/security/2019/dsa-4495
MISC http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice...
https://bugs.chromium.org/p/project-zero/issues/detail?id=1879
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.9
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de...
https://github.com/torvalds/linux/commit/de9f869616dd95e95c00bdd6b0fcd3421e8a...
REDHAT https://access.redhat.com/errata/RHSA-2019:3309
https://access.redhat.com/errata/RHSA-2019:3517
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html
UBUNTU https://usn.ubuntu.com/4093-1/
https://usn.ubuntu.com/4094-1/
https://usn.ubuntu.com/4117-1/
https://usn.ubuntu.com/4118-1/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Date Informations
2020-08-11 12:24:09
  • Multiple Updates
2020-08-08 01:23:57
  • Multiple Updates
2020-08-07 12:24:24
  • Multiple Updates
2020-08-07 01:25:09
  • Multiple Updates
2020-08-01 12:24:01
  • Multiple Updates
2020-07-30 01:24:49
  • Multiple Updates
2020-05-24 01:27:38
  • Multiple Updates
2020-05-23 02:22:34
  • Multiple Updates
2019-09-12 12:11:01
  • Multiple Updates
2019-09-10 12:10:51
  • Multiple Updates
2019-09-03 12:03:33
  • Multiple Updates
2019-08-28 12:05:37
  • Multiple Updates
2019-08-14 12:10:36
  • Multiple Updates
2019-08-13 12:07:17
  • Multiple Updates
2019-08-12 12:02:40
  • Multiple Updates
2019-08-07 12:10:31
  • Multiple Updates
2019-08-06 12:03:50
  • Multiple Updates
2019-07-20 17:19:15
  • Multiple Updates
2019-07-10 21:19:27
  • Multiple Updates
2019-07-05 17:19:05
  • Multiple Updates
2019-07-04 17:19:25
  • First insertion