CVE-2019-11487
Published Apr 23, 2019
Last updated 2 years ago
Overview
- Description
- The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-416
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84F5A0DE-DC7D-4E4D-B782-02E5E65DA3FD",
"versionEndExcluding": "4.4.216"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26A52A04-54E8-4081-ABFD-F3F78CFE91D0",
"versionEndExcluding": "4.9.181",
"versionStartIncluding": "4.5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CDAD30D2-82DF-4958-A36A-C081D0D11B2F",
"versionEndExcluding": "4.14.116",
"versionStartIncluding": "4.10"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FE90DA3-FCF8-440A-9DBB-5B6A7F58DBF1",
"versionEndExcluding": "4.19.39",
"versionStartIncluding": "4.15"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B74AFC84-0586-4442-9101-51E7B295293C",
"versionEndExcluding": "5.0.12",
"versionStartIncluding": "4.20"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.1:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2258D313-BAF7-482D-98E0-79F2A448287B"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.1:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1578A37C-C7CC-4B36-8668-6A1AED63B0A8"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.1:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49BD6839-AB64-48DA-9D1D-18B4508AF652"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.1:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1E5129A-F85C-432A-988D-6C3ED03EC04D"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F"
}
],
"operator": "OR"
}
]
}
]