CVE-2019-10125

Опубликовано: 25 фев. 2019

Источник: redhat

CVSS3: 7.3

Описание

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

A flaw was found in the Linux kernel's aio_poll() function. Due to incorrect logic, this flaw can create a use-after-free memory condition where an attacker could submit malicious input to possibly execute arbitrary code resulting in privilege escalation.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise MRG 2	kernel-rt	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-119->CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=1695074kernel: use-after-free in aio_poll() in fs/aio.c

7.3 High

CVSS3

Связанные уязвимости

CVE-2019-10125

CVSS3: 9.8

ubuntu

почти 7 лет назад

CVE-2019-10125

CVSS3: 9.8

nvd

почти 7 лет назад

CVE-2019-10125

CVSS3: 9.8

debian

почти 7 лет назад

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel ...

GHSA-xg7j-75jq-gm7f

CVSS3: 9.8

github

больше 3 лет назад

7.3 High

CVSS3