Published: 04/07/2019 Updated: 07/11/2023

CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 393

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

In arch/x86/lib/insn-eval.c in the Linux kernel prior to 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 77 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2018-20836 chenxiang reported a race condition in libsas, the kernel subsystem supporting Serial Attached SCSI (SAS) devices, which could lead to a use-after-free It is not clear how thi ...

Several security issues were fixed in the Linux kernel ...

Impact: Moderate Public Date: 2019-07-04 CWE: CWE-416 Bugzilla: 1727756: CVE-2019-13233 kernel: use-aft ...

CWE-362 CWE-416 https://bugs.chromium.org/p/project-zero/issues/detail?id=1879 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.9 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de9f869616dd95e95c00bdd6b0fcd3421e8a4323 https://github.com/torvalds/linux/commit/de9f869616dd95e95c00bdd6b0fcd3421e8a4323 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html https://security.netapp.com/advisory/ntap-20190806-0001/https://www.debian.org/security/2019/dsa-4495 https://seclists.org/bugtraq/2019/Aug/13 https://usn.ubuntu.com/4094-1/https://usn.ubuntu.com/4093-1/https://usn.ubuntu.com/4117-1/https://usn.ubuntu.com/4118-1/http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html https://access.redhat.com/errata/RHSA-2019:3517 https://access.redhat.com/errata/RHSA-2019:3309 https://support.f5.com/csp/article/K13331647?utm_source=f5support&%3Butm_medium=RSS https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2020:2851 https://usn.ubuntu.com/4094-1/https://www.debian.org/security/2019/dsa-4495

CVE-2019-13233

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect