Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-3837

Опубликовано: 11 апр. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.9
CVSS3: 6.1

Описание

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the memory, crash the host leading to a denial-of-service or cause a random memory corruption.

РелизСтатусПримечание
bionic

not-affected

4.13.0-16.19
cosmic

not-affected

4.15.0-20.21
devel

not-affected

4.18.0-10.11
esm-infra-legacy/trusty

released

3.13.0-40.69
esm-infra/bionic

not-affected

4.13.0-16.19
esm-infra/xenial

not-affected

4.2.0-16.19
precise/esm

ignored

end of life, was needs-triage
trusty

released

3.13.0-40.69
trusty/esm

released

3.13.0-40.69
upstream

released

3.18~rc1

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1001.1
cosmic

not-affected

4.15.0-1007.7
devel

not-affected

4.18.0-1002.3
esm-infra-legacy/trusty

not-affected

4.4.0-1002.2
esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

4.4.0-1001.10
precise/esm

DNE

trusty

not-affected

4.4.0-1002.2
trusty/esm

not-affected

4.4.0-1002.2
upstream

released

3.18~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

4.15.0-1030.31~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1
xenial

not-affected

4.15.0-1030.31~16.04.1

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.2
cosmic

not-affected

4.15.0-1009.9
devel

not-affected

4.18.0-1003.3
esm-infra-legacy/trusty

not-affected

4.15.0-1023.24~14.04.1
esm-infra/bionic

not-affected

4.15.0-1002.2
esm-infra/xenial

not-affected

4.11.0-1009.9
precise/esm

DNE

trusty

not-affected

4.15.0-1023.24~14.04.1
trusty/esm

not-affected

4.15.0-1023.24~14.04.1
upstream

released

3.18~rc1

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.2
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.2
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1
xenial

not-affected

4.11.0-1009.9

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1
xenial

ignored

end of standard support, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

3.18~rc1
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1001.1
cosmic

not-affected

4.15.0-1006.6
devel

not-affected

4.18.0-1002.3
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

4.10.0-1004.4
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.18.0-1004.5~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.18.0-1004.5~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

3.18~rc1
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

3.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.18.0-13.14~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.18.0-13.14~18.04.1
esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1

Показывать по

РелизСтатусПримечание
bionic

not-affected

5.0.0-8.9~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

5.0.0-8.9~18.04.1
esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.2
cosmic

not-affected

4.15.0-1008.8
devel

not-affected

4.18.0-1003.3
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.2
esm-infra/xenial

not-affected

4.4.0-1004.9
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

ignored

end of life, was needs-triage
trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

3.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

3.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

3.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-13.29~14.04.1
precise/esm

DNE

trusty

not-affected

4.4.0-13.29~14.04.1
trusty/esm

not-affected

4.4.0-13.29~14.04.1
upstream

released

3.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

3.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

3.18~rc1
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

3.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.3
cosmic

not-affected

4.15.0-1004.5
devel

not-affected

4.15.0-1021.24
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.3
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1
xenial

ignored

end of standard support, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1007.9
cosmic

not-affected

4.15.0-1007.9
devel

not-affected

4.15.0-1007.9
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1007.9
esm-infra/xenial

not-affected

4.15.0-1007.9~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.13.0-1005.5
cosmic

not-affected

4.15.0-1010.11
devel

not-affected

4.18.0-1005.7
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1
xenial

not-affected

4.2.0-1013.19

Показывать по

РелизСтатусПримечание
bionic

not-affected

cosmic

DNE

devel

not-affected

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

3.18~rc1
xenial

not-affected

4.4.0-1012.12

Показывать по

Ссылки на источники

EPSS

Процентиль: 26%
0.00093
Низкий

4.9 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-3837

CVSS3: 6.1
redhat
почти 7 лет назад

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the memory, crash the host leading to a denial-of-service or cause a random memory corruption.

nvd логотип

CVE-2019-3837

CVSS3: 6.1
nvd
почти 7 лет назад

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the memory, crash the host leading to a denial-of-service or cause a random memory corruption.

debian логотип

CVE-2019-3837

CVSS3: 6.1
debian
почти 7 лет назад

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kern ...

github логотип

GHSA-hx7v-466q-33qj

CVSS3: 6.1
github
больше 3 лет назад

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the memory, crash the host leading to a denial-of-service or cause a random memory corruption.

fstec логотип

BDU:2020-02250

CVSS3: 6.1
fstec
почти 7 лет назад

Уязвимость функции tcp_recvmsg() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 26%
0.00093
Низкий

4.9 Medium

CVSS2

6.1 Medium

CVSS3

Уязвимость CVE-2019-3837