csaf_suse - suse-su-2019:0722-1

suse-su-2019:0722-1

Vulnerability from csaf_suse

Published

2019-03-25 08:46

Modified

2019-03-25 08:46

Summary

Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2)

Notes

Title of the patch

Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2)

Description of the patch

This update for the Linux Kernel 4.4.121-92_95 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).

Patchnames

SUSE-2019-722,SUSE-SLE-SAP-12-SP2-2019-722,SUSE-SLE-SERVER-12-SP2-2019-722

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 4.4.121-92_95 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378).\n- CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734).\n- CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2019-722,SUSE-SLE-SAP-12-SP2-2019-722,SUSE-SLE-SERVER-12-SP2-2019-722",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0722-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2019:0722-1",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190722-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2019:0722-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2019-March/005230.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1124729",
        "url": "https://bugzilla.suse.com/1124729"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1124734",
        "url": "https://bugzilla.suse.com/1124734"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1128378",
        "url": "https://bugzilla.suse.com/1128378"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-6974 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-6974/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-7221 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-7221/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9213 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9213/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2)",
    "tracking": {
      "current_release_date": "2019-03-25T08:46:22Z",
      "generator": {
        "date": "2019-03-25T08:46:22Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2019:0722-1",
      "initial_release_date": "2019-03-25T08:46:22Z",
      "revision_history": [
        {
          "date": "2019-03-25T08:46:22Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
                "product": {
                  "name": "kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
                  "product_id": "kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
                  "product_id": "kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le"
        },
        "product_reference": "kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le"
        },
        "product_reference": "kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-6974",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-6974"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-6974",
          "url": "https://www.suse.com/security/cve/CVE-2019-6974"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1124728 for CVE-2019-6974",
          "url": "https://bugzilla.suse.com/1124728"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1124729 for CVE-2019-6974",
          "url": "https://bugzilla.suse.com/1124729"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-03-25T08:46:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-6974"
    },
    {
      "cve": "CVE-2019-7221",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-7221"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-7221",
          "url": "https://www.suse.com/security/cve/CVE-2019-7221"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1124732 for CVE-2019-7221",
          "url": "https://bugzilla.suse.com/1124732"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1124734 for CVE-2019-7221",
          "url": "https://bugzilla.suse.com/1124734"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-03-25T08:46:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-7221"
    },
    {
      "cve": "CVE-2019-9213",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9213"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9213",
          "url": "https://www.suse.com/security/cve/CVE-2019-9213"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1128166 for CVE-2019-9213",
          "url": "https://bugzilla.suse.com/1128166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1128378 for CVE-2019-9213",
          "url": "https://bugzilla.suse.com/1128378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129016 for CVE-2019-9213",
          "url": "https://bugzilla.suse.com/1129016"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-5-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-03-25T08:46:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-9213"
    }
  ]
}

CVE-2019-7221 (GCVE-0-2019-7221)

Vulnerability from cvelistv5

Published

2019-03-17 18:26

Modified

2024-08-04 20:46

Severity ?

CWE

Summary

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

References

►

URL

Tags

	http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/	vendor-advisory, x_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/	vendor-advisory, x_refsource_FEDORA
	https://github.com/torvalds/linux/commits/master/arch/x86/kvm	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2019/02/18/2	x_refsource_MISC
	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f	x_refsource_CONFIRM
	https://bugs.chromium.org/p/project-zero/issues/detail?id=1760	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html	mailing-list, x_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3932-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3932-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3930-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3931-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3931-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3930-2/	vendor-advisory, x_refsource_UBUNTU
	https://security.netapp.com/advisory/ntap-20190404-0002/	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2019:0833	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:0818	vendor-advisory, x_refsource_REDHAT
	https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHBA-2019:0959	vendor-advisory, x_refsource_REDHAT
	https://support.f5.com/csp/article/K08413011	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2019:3967	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:4058	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:46:44.758Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html"
          },
          {
            "name": "FEDORA-2019-164946aa7f",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/"
          },
          {
            "name": "FEDORA-2019-3da64f3e61",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commits/master/arch/x86/kvm"
          },
          {
            "name": "SUSE-SA-2019:0203-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/02/18/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760"
          },
          {
            "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
          },
          {
            "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
          },
          {
            "name": "USN-3932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3932-1/"
          },
          {
            "name": "USN-3932-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3932-2/"
          },
          {
            "name": "USN-3930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3930-1/"
          },
          {
            "name": "USN-3931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3931-1/"
          },
          {
            "name": "USN-3931-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3931-2/"
          },
          {
            "name": "USN-3930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3930-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
          },
          {
            "name": "RHSA-2019:0833",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0833"
          },
          {
            "name": "RHSA-2019:0818",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0818"
          },
          {
            "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
          },
          {
            "name": "RHBA-2019:0959",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHBA-2019:0959"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K08413011"
          },
          {
            "name": "RHSA-2019:3967",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3967"
          },
          {
            "name": "RHSA-2019:4058",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:4058"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-01-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-03T11:06:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html"
        },
        {
          "name": "FEDORA-2019-164946aa7f",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/"
        },
        {
          "name": "FEDORA-2019-3da64f3e61",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commits/master/arch/x86/kvm"
        },
        {
          "name": "SUSE-SA-2019:0203-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/02/18/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760"
        },
        {
          "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
        },
        {
          "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
        },
        {
          "name": "USN-3932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3932-1/"
        },
        {
          "name": "USN-3932-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3932-2/"
        },
        {
          "name": "USN-3930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3930-1/"
        },
        {
          "name": "USN-3931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3931-1/"
        },
        {
          "name": "USN-3931-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3931-2/"
        },
        {
          "name": "USN-3930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3930-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
        },
        {
          "name": "RHSA-2019:0833",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0833"
        },
        {
          "name": "RHSA-2019:0818",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0818"
        },
        {
          "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
        },
        {
          "name": "RHBA-2019:0959",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2019:0959"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K08413011"
        },
        {
          "name": "RHSA-2019:3967",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3967"
        },
        {
          "name": "RHSA-2019:4058",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:4058"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-7221",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html"
            },
            {
              "name": "FEDORA-2019-164946aa7f",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/"
            },
            {
              "name": "FEDORA-2019-3da64f3e61",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/"
            },
            {
              "name": "https://github.com/torvalds/linux/commits/master/arch/x86/kvm",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commits/master/arch/x86/kvm"
            },
            {
              "name": "SUSE-SA-2019:0203-1",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2019/02/18/2",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2019/02/18/2"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f"
            },
            {
              "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760",
              "refsource": "CONFIRM",
              "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760"
            },
            {
              "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
            },
            {
              "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
            },
            {
              "name": "USN-3932-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3932-1/"
            },
            {
              "name": "USN-3932-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3932-2/"
            },
            {
              "name": "USN-3930-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3930-1/"
            },
            {
              "name": "USN-3931-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3931-1/"
            },
            {
              "name": "USN-3931-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3931-2/"
            },
            {
              "name": "USN-3930-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3930-2/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190404-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
            },
            {
              "name": "RHSA-2019:0833",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0833"
            },
            {
              "name": "RHSA-2019:0818",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0818"
            },
            {
              "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
            },
            {
              "name": "RHBA-2019:0959",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHBA-2019:0959"
            },
            {
              "name": "https://support.f5.com/csp/article/K08413011",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K08413011"
            },
            {
              "name": "RHSA-2019:3967",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3967"
            },
            {
              "name": "RHSA-2019:4058",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:4058"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-7221",
    "datePublished": "2019-03-17T18:26:10",
    "dateReserved": "2019-01-30T00:00:00",
    "dateUpdated": "2024-08-04T20:46:44.758Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-9213 (GCVE-0-2019-9213)

Vulnerability from cvelistv5

Published

2019-03-05 22:00

Modified

2024-08-04 21:38

Severity ?

CWE

Summary

In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.

References

►

URL

Tags

	https://www.exploit-db.com/exploits/46502/	exploit, x_refsource_EXPLOIT-DB
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1	x_refsource_MISC
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162	x_refsource_MISC
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27	x_refsource_MISC
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105	x_refsource_MISC
	https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1	x_refsource_MISC
	http://www.securityfocus.com/bid/107296	vdb-entry, x_refsource_BID
	https://bugs.chromium.org/p/project-zero/issues/detail?id=1792	x_refsource_MISC
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html	vendor-advisory, x_refsource_SUSE
	https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3932-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3932-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3930-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3931-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3933-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3931-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3930-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3933-1/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html	vendor-advisory, x_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2019:0831	vendor-advisory, x_refsource_REDHAT
	https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2019:1479	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:1480	vendor-advisory, x_refsource_REDHAT
	http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T21:38:46.640Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "46502",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46502/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1"
          },
          {
            "name": "107296",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107296"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14"
          },
          {
            "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
          },
          {
            "name": "openSUSE-SU-2019:1085",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html"
          },
          {
            "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
          },
          {
            "name": "USN-3932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3932-1/"
          },
          {
            "name": "USN-3932-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3932-2/"
          },
          {
            "name": "USN-3930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3930-1/"
          },
          {
            "name": "USN-3931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3931-1/"
          },
          {
            "name": "USN-3933-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3933-2/"
          },
          {
            "name": "USN-3931-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3931-2/"
          },
          {
            "name": "USN-3930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3930-2/"
          },
          {
            "name": "USN-3933-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3933-1/"
          },
          {
            "name": "openSUSE-SU-2019:1193",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"
          },
          {
            "name": "RHSA-2019:0831",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0831"
          },
          {
            "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
          },
          {
            "name": "RHSA-2019:1479",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1479"
          },
          {
            "name": "RHSA-2019:1480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1480"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-22T18:06:27",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "46502",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46502/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1"
        },
        {
          "name": "107296",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107296"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14"
        },
        {
          "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
        },
        {
          "name": "openSUSE-SU-2019:1085",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html"
        },
        {
          "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
        },
        {
          "name": "USN-3932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3932-1/"
        },
        {
          "name": "USN-3932-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3932-2/"
        },
        {
          "name": "USN-3930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3930-1/"
        },
        {
          "name": "USN-3931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3931-1/"
        },
        {
          "name": "USN-3933-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3933-2/"
        },
        {
          "name": "USN-3931-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3931-2/"
        },
        {
          "name": "USN-3930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3930-2/"
        },
        {
          "name": "USN-3933-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3933-1/"
        },
        {
          "name": "openSUSE-SU-2019:1193",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"
        },
        {
          "name": "RHSA-2019:0831",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0831"
        },
        {
          "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
        },
        {
          "name": "RHSA-2019:1479",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1479"
        },
        {
          "name": "RHSA-2019:1480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1480"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-9213",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "46502",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46502/"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1",
              "refsource": "MISC",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1"
            },
            {
              "name": "107296",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107296"
            },
            {
              "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14"
            },
            {
              "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
            },
            {
              "name": "openSUSE-SU-2019:1085",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html"
            },
            {
              "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
            },
            {
              "name": "USN-3932-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3932-1/"
            },
            {
              "name": "USN-3932-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3932-2/"
            },
            {
              "name": "USN-3930-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3930-1/"
            },
            {
              "name": "USN-3931-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3931-1/"
            },
            {
              "name": "USN-3933-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3933-2/"
            },
            {
              "name": "USN-3931-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3931-2/"
            },
            {
              "name": "USN-3930-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3930-2/"
            },
            {
              "name": "USN-3933-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3933-1/"
            },
            {
              "name": "openSUSE-SU-2019:1193",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"
            },
            {
              "name": "RHSA-2019:0831",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0831"
            },
            {
              "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
            },
            {
              "name": "RHSA-2019:1479",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1479"
            },
            {
              "name": "RHSA-2019:1480",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1480"
            },
            {
              "name": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-9213",
    "datePublished": "2019-03-05T22:00:00",
    "dateReserved": "2019-02-27T00:00:00",
    "dateUpdated": "2024-08-04T21:38:46.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-6974 (GCVE-0-2019-6974)

Vulnerability from cvelistv5

Published

2019-02-15 15:00

Modified

2024-08-04 20:38

Severity ?

CWE

Summary

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

References

►

URL

Tags

	https://bugs.chromium.org/p/project-zero/issues/detail?id=1765	x_refsource_MISC
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99	x_refsource_MISC
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.21	x_refsource_MISC
	https://www.exploit-db.com/exploits/46388/	exploit, x_refsource_EXPLOIT-DB
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.8	x_refsource_MISC
	https://github.com/torvalds/linux/commit/cfa39381173d5f969daf43582c95ad679189cbc9	x_refsource_MISC
	http://www.securityfocus.com/bid/107127	vdb-entry, x_refsource_BID
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.156	x_refsource_MISC
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html	mailing-list, x_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3932-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3932-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3930-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3931-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3933-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3931-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3930-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3933-1/	vendor-advisory, x_refsource_UBUNTU
	https://support.f5.com/csp/article/K11186236	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2019:0833	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:0818	vendor-advisory, x_refsource_REDHAT
	https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHBA-2019:0959	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:2809	vendor-advisory, x_refsource_REDHAT
	https://support.f5.com/csp/article/K11186236?utm_source=f5support&amp%3Butm_medium=RSS	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2019:3967	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0103	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:38:32.373Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1765"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.21"
          },
          {
            "name": "46388",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46388/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.8"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/cfa39381173d5f969daf43582c95ad679189cbc9"
          },
          {
            "name": "107127",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107127"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.156"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9"
          },
          {
            "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
          },
          {
            "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
          },
          {
            "name": "USN-3932-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3932-1/"
          },
          {
            "name": "USN-3932-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3932-2/"
          },
          {
            "name": "USN-3930-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3930-1/"
          },
          {
            "name": "USN-3931-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3931-1/"
          },
          {
            "name": "USN-3933-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3933-2/"
          },
          {
            "name": "USN-3931-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3931-2/"
          },
          {
            "name": "USN-3930-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3930-2/"
          },
          {
            "name": "USN-3933-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3933-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K11186236"
          },
          {
            "name": "RHSA-2019:0833",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0833"
          },
          {
            "name": "RHSA-2019:0818",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0818"
          },
          {
            "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
          },
          {
            "name": "RHBA-2019:0959",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHBA-2019:0959"
          },
          {
            "name": "RHSA-2019:2809",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2809"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K11186236?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "name": "RHSA-2019:3967",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3967"
          },
          {
            "name": "RHSA-2020:0103",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0103"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-02-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-14T19:06:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1765"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.21"
        },
        {
          "name": "46388",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46388/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.8"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/cfa39381173d5f969daf43582c95ad679189cbc9"
        },
        {
          "name": "107127",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107127"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.156"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9"
        },
        {
          "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
        },
        {
          "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
        },
        {
          "name": "USN-3932-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3932-1/"
        },
        {
          "name": "USN-3932-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3932-2/"
        },
        {
          "name": "USN-3930-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3930-1/"
        },
        {
          "name": "USN-3931-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3931-1/"
        },
        {
          "name": "USN-3933-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3933-2/"
        },
        {
          "name": "USN-3931-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3931-2/"
        },
        {
          "name": "USN-3930-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3930-2/"
        },
        {
          "name": "USN-3933-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3933-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K11186236"
        },
        {
          "name": "RHSA-2019:0833",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0833"
        },
        {
          "name": "RHSA-2019:0818",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0818"
        },
        {
          "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
        },
        {
          "name": "RHBA-2019:0959",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2019:0959"
        },
        {
          "name": "RHSA-2019:2809",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2809"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K11186236?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "name": "RHSA-2019:3967",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3967"
        },
        {
          "name": "RHSA-2020:0103",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0103"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-6974",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1765",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1765"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.21",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.21"
            },
            {
              "name": "46388",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46388/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.8",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.8"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/cfa39381173d5f969daf43582c95ad679189cbc9",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/cfa39381173d5f969daf43582c95ad679189cbc9"
            },
            {
              "name": "107127",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107127"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.156",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.156"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9",
              "refsource": "MISC",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9"
            },
            {
              "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
            },
            {
              "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
            },
            {
              "name": "USN-3932-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3932-1/"
            },
            {
              "name": "USN-3932-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3932-2/"
            },
            {
              "name": "USN-3930-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3930-1/"
            },
            {
              "name": "USN-3931-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3931-1/"
            },
            {
              "name": "USN-3933-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3933-2/"
            },
            {
              "name": "USN-3931-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3931-2/"
            },
            {
              "name": "USN-3930-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3930-2/"
            },
            {
              "name": "USN-3933-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3933-1/"
            },
            {
              "name": "https://support.f5.com/csp/article/K11186236",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K11186236"
            },
            {
              "name": "RHSA-2019:0833",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0833"
            },
            {
              "name": "RHSA-2019:0818",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0818"
            },
            {
              "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
            },
            {
              "name": "RHBA-2019:0959",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHBA-2019:0959"
            },
            {
              "name": "RHSA-2019:2809",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2809"
            },
            {
              "name": "https://support.f5.com/csp/article/K11186236?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K11186236?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "RHSA-2019:3967",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3967"
            },
            {
              "name": "RHSA-2020:0103",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0103"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-6974",
    "datePublished": "2019-02-15T15:00:00",
    "dateReserved": "2019-01-26T00:00:00",
    "dateUpdated": "2024-08-04T20:38:32.373Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2019:0722-1

Vulnerability from csaf_suse

CVE-2019-7221 (GCVE-0-2019-7221)

Vulnerability from cvelistv5

CVE-2019-9213 (GCVE-0-2019-9213)

Vulnerability from cvelistv5

CVE-2019-6974 (GCVE-0-2019-6974)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature