Executive Summary

Informations
NameCVE-2019-3896First vendor Publication2019-06-18
VendorCveLast vendor Modification2019-07-01

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3896

CWE : Common Weakness Enumeration

%idName
100 %CWE-415Double Free

CPE : Common Platform Enumeration

TypeDescriptionCount
Os766
Os1
Os1
Os2
Os1

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/108814
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3896
https://security.netapp.com/advisory/ntap-20190710-0002/
https://support.f5.com/csp/article/K04327111

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2019-07-11 12:10:23
  • Multiple Updates
2019-07-02 05:18:53
  • Multiple Updates
2019-06-19 21:19:41
  • Multiple Updates
2019-06-19 17:20:08
  • Multiple Updates
2019-06-19 09:19:34
  • First insertion