Описание
The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.
Ссылки
- ExploitMailing ListPatchThird Party Advisory
- Issue TrackingThird Party Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- ExploitMailing ListPatchThird Party Advisory
- Issue TrackingThird Party Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
Уязвимые конфигурации
EPSS
7 High
CVSS3
7 High
CVSS3
6.9 Medium
CVSS2
Дефекты
Связанные уязвимости
The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.
The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.
The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 w ...
The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.
Уязвимость компонентов mmget_not_zero()/get_task_mm() ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
EPSS
7 High
CVSS3
7 High
CVSS3
6.9 Medium
CVSS2