Published: 08/05/2019 Updated: 21/07/2021

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 829

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

An issue exists in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel prior to 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
linux linux kernel 5.1
canonical ubuntu linux 14.04
canonical ubuntu linux 16.04
canonical ubuntu linux 18.04
canonical ubuntu linux 19.04
debian debian linux 8.0
debian debian linux 9.0
opensuse leap 15.0
opensuse leap 15.1
opensuse leap 42.3
netapp active iq unified manager
netapp hci management node -
netapp snapprotect -
netapp solidfire -
netapp storage replication adapter 7.2
netapp vasa provider for clustered data ontap
netapp virtual storage console
netapp hci compute node -
netapp hci storage node -
netapp cn1610_firmware -

Debian Bug report logs - #928989 linux-image-4190-4-amd64: CVE-2019-11815 Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Jeff Cliff <jeffreycliff@gmailcom> Date: Tue, 14 May 2019 18:39:01 UTC Severity: important Tags: security Found in versions l ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2019-3846 , CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi (mwifiex) driver, which a local user could use to cause denial of service or the execution of ar ...

A flaw was found in the Linux kernel's implementation of RDS over TCP A system that has the rds_tcp kernel module loaded (either through autoload via local process running listen(), or manual loading) could possibly cause a use after free (UAF) in which an attacker who is able to manipulate socket state while a network namespace is being torn down ...

Several security issues were fixed in the Linux kernel ...

Several policy updates were made for running under the recently updated Linux kernel ...

Several security issues were fixed in the Linux kernel ...

Impact: Important Public Date: 2019-05-08 CWE: CWE-362 Bugzilla: 1708518: CVE-2019-11815 kernel: race c ...

CWE-362 CWE-416 https://github.com/torvalds/linux/commit/cb66ddd156203daefb8d71158036b27b0e2caf63 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb66ddd156203daefb8d71158036b27b0e2caf63 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8 http://www.securityfocus.com/bid/108283 http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html https://support.f5.com/csp/article/K32019083 http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html https://usn.ubuntu.com/4008-1/https://usn.ubuntu.com/4005-1/https://usn.ubuntu.com/4008-3/https://www.debian.org/security/2019/dsa-4465 https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html https://seclists.org/bugtraq/2019/Jun/26 https://security.netapp.com/advisory/ntap-20190719-0003/https://usn.ubuntu.com/4068-1/https://usn.ubuntu.com/4068-2/http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Security-Notice-LSN-0053-1.html https://usn.ubuntu.com/4118-1/https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928989 https://usn.ubuntu.com/4005-1/https://www.debian.org/security/2019/dsa-4465

CVE-2019-11815

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect