CVE-2019-19602

2019-12-17T18:11:46
ID RH:CVE-2019-19602
Type redhatcve
Reporter redhat.com
Modified 2021-08-24T23:12:26

Description

A flaw was found in the Linux kernel. When compiled with GCC 9, a vector register corruption occurs on return from a signal handler where the top page of the signal stack had not yet been paged in which can allow a local attacker with special user privilege (or root) to leak kernel internal information. The highest threat from this vulnerability is to data confidentiality.

Mitigation

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.