Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-9455

Опубликовано: 03 сент. 2019
Источник: redhat
CVSS3: 2.3
EPSS Низкий

Описание

In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

A flaw was found in the Linux kernel's video driver. A kernel pointer lead, due to a WARN_ON statement could lead to a local information disclosure with system execution privileges. User interaction is not needed for exploitation. The highest threat from this vulnerability is to data confidentiality.

Отчет

This issue is marked as having Low impact because the information leak is very subtle and can be only used to break KASLR and not provide access to kernel memory content.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise MRG 2kernel-rtNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2020:460904.11.2020
Red Hat Enterprise Linux 8kernelFixedRHSA-2020:443104.11.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1819399kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure

EPSS

Процентиль: 5%
0.00023
Низкий

2.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-9455

CVSS3: 2.3
ubuntu
почти 6 лет назад

In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

nvd логотип

CVE-2019-9455

CVSS3: 2.3
nvd
почти 6 лет назад

In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

debian логотип

CVE-2019-9455

CVSS3: 2.3
debian
почти 6 лет назад

In the Android kernel in the video driver there is a kernel pointer le ...

github логотип

GHSA-4m68-w7c2-h86j

CVSS3: 2.3
github
около 3 лет назад

In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

suse-cvrf логотип

SUSE-SU-2020:1605-1

suse-cvrf
около 5 лет назад

Security update for the Linux Kernel

EPSS

Процентиль: 5%
0.00023
Низкий

2.3 Low

CVSS3