Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2019-5489

Published: 07/01/2019 Updated: 24/08/2020
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Linux

Vulnerability Summary

The mincore() implementation in mm/mincore.c in the Linux kernel up to and including 4.19.13 allowed local malicious users to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

netapp element software management node -

netapp active iq performance analytics services -

Vendor Advisories

Debian CVElist Bug Report Logs: linux-image-4.19.0-4-amd64: CVE-2019-11815
Debian Bug report logs - #928989 linux-image-4190-4-amd64: CVE-2019-11815 Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Jeff Cliff <jeffreycliff@gmailcom> Date: Tue, 14 May 2019 18:39:01 UTC Severity: important Tags: security Found in versions l ...
Debian Security Advisories: DSA-4465-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2019-3846 , CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi (mwifiex) driver, which a local user could use to cause denial of service or the execution of ar ...
Amazon Linux AMI: ALAS-2019-1214
A flaw was found in the Linux kernel's freescale hypervisor manager implementation A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation An attacker can use this flaw to crash the system or corrupt memory or, possibly, create other adverse security affects (CVE-2019-10142) The d ...
Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 65 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 66 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Advanced Update Support, Red Hat Enterprise Linux 74 Telco Extended Update Support, and Red Hat Enterprise Linux 74 Update Services ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 73 Advanced Update Support, Red Hat Enterprise Linux 73 Telco Extended Update Support, and Red Hat Enterprise Linux 73 Update Services ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common V ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Amazon Linux 2: ALAS2-2019-1214
A flaw was found in the Linux kernel's freescale hypervisor manager implementation A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation An attacker can use this flaw to crash the system or corrupt memory or, possibly, create other adverse security affects(CVE-2019-10142) A new s ...
Red Hat: CVE-2019-5489
A new software page cache side channel attack scenario was discovered in operating systems that implement the very common 'page cache' caching mechanism A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be used to reduce effectiveness of cryptographic strength ...
Arch Linux Issues:
The mincore() implementation in mm/mincorec in the Linux kernel through 41913 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information (Fixing this affects the output of the fincore program) Limited remote exploitation may be possible, as demonstrat ...
Huawei Security Advisories: Security Advisory - Page-Cache Side-Channel Vulnerability
There is a vlunerability in the mincore() implementation in mm/mincorec in the Linux kernel through 41913 An attacker could exploit this vulnerability to conduct a page-cache side-channel attack, allowing the attacker to view page-cache access patterns of other processes on the system A successful exploit could allow the attacker to access sen ...

Github Repositories

https://github.com/mmxsrup/CVE-2019-5489

Page Cache Side Channel Attacks (CVE-2019-5489) proof of concept for Linux

CVE 2019-5489 This repository contains Page Cache Side Channel Attacks (CVE-2019-5489) proof of concept for Linux In order to evaluate page cache side channel, I have implemented covert channel between two processes The sender process send confidential data to a receiver process via the page cache side channel Page cache attacks has been mitigated in Linux Kenrel 50 and lat

Recent Articles

Linus Torvalds opts for the scream test: Linux kernel syscall tweaked to shut data-leak hole – anyone upset, yell now
The Register • Richard Chirgwin • 08 Jan 2019

And he did it without swearing... folks with broken programs may act otherwise New side-channel leak: Boffins bash operating system page caches until they spill secrets

The Linux kernel will be tweaked to mitigate data-stealing attacks that exploit system page caches. As we revealed first over the weekend, a group of experts – including some of the researchers who discovered the Spectre family of chip flaws – worked out how to get operating system page caches to leak information from one application to another. Among other things, a successful exploit would allow malware or rogue logged-in users to swipe sensitive data from application sandboxes that they s...

Read more...

References

CWE-319https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50ehttps://bugzilla.suse.com/show_bug.cgi?id=1120843https://arxiv.org/abs/1901.01161http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50ehttp://www.securityfocus.com/bid/106478https://security.netapp.com/advisory/ntap-20190307-0001/http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.htmlhttps://www.debian.org/security/2019/dsa-4465https://lists.debian.org/debian-lts-announce/2019/06/msg00010.htmlhttps://lists.debian.org/debian-lts-announce/2019/06/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.htmlhttps://seclists.org/bugtraq/2019/Jun/26http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.htmlhttps://access.redhat.com/errata/RHSA-2019:2043https://access.redhat.com/errata/RHSA-2019:2029https://access.redhat.com/errata/RHSA-2019:2473https://access.redhat.com/errata/RHSA-2019:2808https://access.redhat.com/errata/RHSA-2019:2837https://access.redhat.com/errata/RHSA-2019:2809https://access.redhat.com/errata/RHSA-2019:3517https://access.redhat.com/errata/RHSA-2019:3309https://access.redhat.com/errata/RHSA-2019:3967https://access.redhat.com/errata/RHSA-2019:4056https://access.redhat.com/errata/RHSA-2019:4058https://access.redhat.com/errata/RHSA-2019:4057https://access.redhat.com/errata/RHSA-2019:4164https://access.redhat.com/errata/RHSA-2019:4159https://access.redhat.com/errata/RHSA-2019:4255http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-enhttps://access.redhat.com/errata/RHSA-2020:0204https://www.oracle.com/security-alerts/cpujul2020.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928989https://nvd.nist.govhttps://github.com/mmxsrup/CVE-2019-5489https://www.debian.org/security/2019/dsa-4465
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook