CVE-2019-12817

Опубликовано: 24 июн. 2019

Источник: redhat

CVSS3: 7

Описание

arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.

A flaw was found in the way the Linux kernel's memory subsystem on certain 64-bit PowerPCs with the hash page table MMU handled memory above 512TB. A local, unprivileged user could use this flaw to escalate their privileges on the system.

Отчет

Red Hat Product Security is aware of this issue. Updates will be released as they become available.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise MRG 2	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Fixed	RHSA-2019:2703	12.09.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-119->CWE-125

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=1720616kernel: ppc: unrelated processes being able to read/write to each other's virtual memory

7 High

CVSS3

Связанные уязвимости

CVE-2019-12817

CVSS3: 7

ubuntu

больше 6 лет назад

CVE-2019-12817

CVSS3: 7

nvd

больше 6 лет назад

CVE-2019-12817

CVSS3: 7

debian

больше 6 лет назад

arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1. ...

SUSE-SU-2019:1769-1

suse-cvrf

около 6 лет назад

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP1)

GHSA-47g7-45f4-j83m

CVSS3: 7

github

больше 3 лет назад

7 High

CVSS3