Executive Summary

Informations
NameCVE-2019-8912First vendor Publication2019-02-18
VendorCveLast vendor Modification2019-04-12

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8912

CWE : Common Weakness Enumeration

%idName
100 %CWE-416Use After Free

CPE : Common Platform Enumeration

TypeDescriptionCount
Os3018
Os1

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/107063
MISC http://patchwork.ozlabs.org/patch/1042902/
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-8912
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html
UBUNTU https://usn.ubuntu.com/3930-1/
https://usn.ubuntu.com/3930-2/
https://usn.ubuntu.com/3931-1/
https://usn.ubuntu.com/3931-2/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
DateInformations
2019-04-24 12:08:55
  • Multiple Updates
2019-04-12 17:19:18
  • Multiple Updates
2019-04-05 00:19:09
  • Multiple Updates
2019-04-03 09:19:34
  • Multiple Updates
2019-03-29 01:09:02
  • Multiple Updates
2019-03-06 21:19:31
  • Multiple Updates
2019-02-26 00:19:39
  • Multiple Updates
2019-02-21 12:07:39
  • Multiple Updates
2019-02-20 12:09:51
  • Multiple Updates
2019-02-19 12:01:12
  • First insertion