Описание
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
Ссылки
- ExploitMailing ListPatchThird Party Advisory
- Mailing ListRelease NotesVendor Advisory
- Mailing ListPatchVendor Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
EPSS
7 High
CVSS3
4.4 Medium
CVSS2
Дефекты
Связанные уязвимости
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is ...
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
EPSS
7 High
CVSS3
4.4 Medium
CVSS2