Source: redhatcve (Redhat.com)
ID: RH:CVE-2019-20934
History: Nov 30, 2020 - 5:29 p.m.

CVE-2019-20934


EPSS: 0.0004 (Low), percentile 12.7%

A flaw was found in the Linux kernel’s implementation of displaying NUMA statistics: displaying the scheduler statistics could trigger a use-after-free in show_numa_stats() and expose kernel memory to userspace. The highest threat from this vulnerability is to system availability.

Mitigation

The NUMA features are built in and enabled by default. The NUMA functionality can be disabled at boot time by providing the kernel parameter numa=off.

The method of providing this parameter depends on the operating system version; see KCS article <https://access.redhat.com/solutions/23216>.

Disabling this feature may have significant performance impacts, and the administrator should consider whether the performance penalty is a problem.

If you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services.
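
A post-reboot check that the numa=off mitigation described above is in effect on the running kernel. This is an added example, not Red Hat's own tooling. The function names and status strings are hypothetical, and it assumes that a kernel booted with numa=off exposes at most one node directory under /sys/devices/system/node.

```sh
#!/bin/sh
# Added example: verify the numa=off mitigation for CVE-2019-20934.
# Function names and status strings are illustrative assumptions.

# Succeeds when numa=off appears as a whole token in the command line file.
has_numa_off() {
    [ -r "$1" ] || return 1
    tr ' ' '\n' < "$1" | grep -qxF 'numa=off'
}

# Prints the number of nodeN directories under the sysfs node directory.
count_numa_nodes() {
    n=0
    for d in "$1"/node[0-9]*; do
        if [ -d "$d" ]; then
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Prints one of:
#   applied       numa=off is on the running command line, at most one node
#   inconsistent  numa=off is present but several nodes are still exposed
#   not-applied   numa=off is absent from the running command line
# Arguments default to the live kernel; override them to test offline.
numa_mitigation_status() {
    cmdline=${1:-/proc/cmdline}
    nodedir=${2:-/sys/devices/system/node}
    nodes=$(count_numa_nodes "$nodedir")
    if has_numa_off "$cmdline"; then
        if [ "$nodes" -le 1 ]; then
            echo applied
        else
            echo inconsistent
        fi
    else
        echo not-applied
    fi
}

# Report the state of the host this script runs on.
numa_mitigation_status "$@"
```

A result of not-applied after editing the boot configuration usually means the host has not yet been rebooted into the new command line.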