Lucene search

K
nvd[email protected]NVD:CVE-2019-11815
HistoryMay 08, 2019 - 2:29 p.m.

CVE-2019-11815

2019-05-0814:29:00
CWE-416
CWE-362
web.nvd.nist.gov
2

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.007

Percentile

79.8%

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

Affected configurations

NVD
Node
linuxlinux_kernelRange4.34.4.179
OR
linuxlinux_kernelRange4.94.9.169
OR
linuxlinux_kernelRange4.144.14.112
OR
linuxlinux_kernelRange4.194.19.35
OR
linuxlinux_kernelRange5.05.0.8
OR
linuxlinux_kernelMatch5.1rc1
OR
linuxlinux_kernelMatch5.1rc2
OR
linuxlinux_kernelMatch5.1rc3
OR
linuxlinux_kernelMatch5.1rc4
Node
canonicalubuntu_linuxMatch14.04esm
OR
canonicalubuntu_linuxMatch16.04esm
OR
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch19.04
Node
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
Node
opensuseleapMatch15.0
OR
opensuseleapMatch15.1
OR
opensuseleapMatch42.3
Node
netappactive_iq_unified_managerRange9.5vmware_vsphere
OR
netapphci_management_nodeMatch-
OR
netappsnapprotectMatch-
OR
netappsolidfireMatch-
OR
netappstorage_replication_adapterMatch7.2vsphere
OR
netappvasa_provider_for_clustered_data_ontapRange7.2
OR
netappvirtual_storage_consoleRange7.2vsphere
OR
netapphci_compute_nodeMatch-
OR
netapphci_storage_nodeMatch-
Node
netappcn1610Match-
AND
netappcn1610_firmwareMatch-

References

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.007

Percentile

79.8%