Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-5489

Опубликовано: 07 янв. 2019
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 4.19.13 (включая)
Конфигурация 2

Одно из

cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*

EPSS

Процентиль: 52%
0.00291
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-319

Связанные уязвимости

ubuntu логотип

CVE-2019-5489

CVSS3: 5.5
ubuntu
больше 6 лет назад

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.

redhat логотип

CVE-2019-5489

CVSS3: 7.1
redhat
больше 6 лет назад

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.

debian логотип

CVE-2019-5489

CVSS3: 5.5
debian
больше 6 лет назад

The mincore() implementation in mm/mincore.c in the Linux kernel throu ...

github логотип

GHSA-384f-f7vj-vfh4

CVSS3: 5.5
github
около 3 лет назад

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.

fstec логотип

BDU:2019-00067

CVSS3: 5.5
fstec
больше 6 лет назад

Уязвимость функции mincore () ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 52%
0.00291
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-319