Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-10125

Опубликовано: 27 мар. 2019
Источник: nvd
CVSS3: 9.8
CVSS2: 10
EPSS Низкий

Описание

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.19 (включая) до 4.19.38 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.0 (включая) до 5.0.5 (исключая)
cpe:2.3:o:linux:linux_kernel:5.1:rc1:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
Версия от 9.5 (включая)
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*

EPSS

Процентиль: 88%
0.04187
Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2019-10125

CVSS3: 9.8
ubuntu
почти 7 лет назад

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

redhat логотип

CVE-2019-10125

CVSS3: 7.3
redhat
почти 7 лет назад

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

debian логотип

CVE-2019-10125

CVSS3: 9.8
debian
почти 7 лет назад

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel ...

github логотип

GHSA-xg7j-75jq-gm7f

CVSS3: 9.8
github
больше 3 лет назад

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

EPSS

Процентиль: 88%
0.04187
Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-416